Program focuses on security response

The CERT Coordination Center introduces a program to certify information-technology professionals in how to react to security incidents and network intrusions.

Robert Lemos
Robert Lemos Staff Writer, CNET News.com
Robert Lemos
covers viruses, worms and other security threats.
2 min read
The Computer Emergency Response Team (CERT) Coordination Center, a security-incident clearinghouse, introduced on Monday a program to certify information technology professionals in incident handling and response.

The certification program will train participants in how to react to security incidents and network intrusions. Those people who take five courses, including an elective, and pass a test administered by the Software Engineering Institute will be granted a Certified Computer Security Incident Handler Certification (CCSIHC). The Software Engineering Institute is part of Carnegie Mellon University and manages the CERT Coordination Center.

"The incident response certification is a benchmark that says that the leader knows how to lead and manage an incident response team," said Barbara Laswell, technical manager of practices, training and development at the institute. "It is important to know that the leader of the team has the knowledge to do that job."

While security certifications have been criticized by many security experts as not testing the true knowledge of the field, the certification of information technology professionals got a big boost in February from the Bush administration's National Strategy to Secure Cyberspace. In its third of five priorities, the certification program highlights the need for more security training and better ways to certify knowledge.

The government should, the program states, "promote private sector support for well-coordinated and widely recognized professional cybersecurity certifications." It says Department of Homeland Security should "encourage efforts that are needed to build foundations for the development of security certification programs"--programs that it hopes "will be broadly accepted by the public and private sectors."

Last November, the Computing Technology Industry Association (CompTIA) introduced its Security+ certification program, which it hopes will become a standard requirement for those seeking network administration jobs at companies and government agencies. CompTIA is made up of two dozen trade and government security experts, including representatives from Microsoft, IBM and the Federal Bureau of Investigation.

Perhaps the best known security certification is the the Certified Information Systems Security Professional (CISSP) rating given by the International Information Systems Security Certification Consortium.

"Those certifications are broad and cover a variety of topic areas," Laswell said of the Security+ and CISSP ratings. "This certification targets specifically incident response. The others are horizontal certifications across domains--we are the vertical slice."

The certification created by the CERT Coordination Center prepares participants to create and manage a Computer Security Incident Response Team, according to the Software Engineering Institute. Information on the new certification program can be found on the CERT Coordination Center Web site.