New CISSP concentrations

Security Strategies This newsletter is sponsored by CREDANT Technologies, Inc. Survey Says: iPods a Growing Threat in Workplace 323 IT professionals reveal usage rates, potential impacts of portable data storage devices--iPods, MP3 players, USB flash drives, and data-centric smart phones at work. Surprisingly, organizations see rapid growth in usage, but few have a solution to prevent widespread data loss. Network World's Security Strategies Newsletter, 08/23/07 New CISSP concentrations By M. E. Kabay I recently spoke with Ed Zeitler, executive director of the (ISC)2 about recent developments at the certification body for security professionals. In part two of a two-part series, Zeitler discusses the new Certified Information Systems Security Professional (CISSP) concentrations and integration of the CISSP into university programs. * You recently introduced three Information Systems Security Professional (ISSxP) concentrations for CISSP holders - the Architecture (ISSAP), Engineering (ISSEP) and Management (ISSMP) certifications. What was the motivation for introducing those? The Engineering Professional concentration (CISSP-ISSEP) was developed in conjunction with the U.S. National Security Agency (NSA). They specifically wanted their people to have demonstrated expertise in engineering criteria and so they worked with (ISC)2 to establish the domain characteristics, which has worked out well. New Executive Guide Network World has recently published an executive guide entitled "Virtualization Meets Reality". Find out the 8 key challenges of virtualizing your data center. Download it now! Another example of cooperation was the ISSJP - Japanese Professional - launched in April 2007 and available only in Japanese. This program was a response to specific needs expressed by Japanese industry. The development process took about a year and a half. The Information Systems Security Management Professional (CISSP-ISSMP) is designed for the advanced information security manager. It reflects a deeper management emphasis and understanding built on the broad-based knowledge of the CISSP Common Body of Knowledge (CBK) domains. The concentration is designed for information security/assurance/risk management professionals who focus on enterprise-wide risk management. Information Systems Security Architecture Professional (CISSP-ISSAP) is the only credential for the advanced security architecture professional who focuses on high-level security for enterprise-wide systems and infrastructure. * Are the CISSP and its concentrations available in other languages beyond English? Yes! The CISSP exam is available in six languages: English, German, Spanish, French, Korean, and Japanese. * How are the concentrations doing in the marketplace? We’re too early in the product cycle to know yet. More than 1,700 concentration credentials have already been issued even though we haven’t put a lot of emphasis on them yet. * (ISC)2 runs CBK review courses. How are those courses going? The program is going very well. There are many courses. We don’t publish the pass rates of people taking the exams nor of those taking our courses and then the exams. While (ISC)2 is a non-profit, our education arm is the IT Professional Group (ITPG) and they provide our official educational program. We offer six-day, five-day, and one- and two-day courses (the latter by request). We also supply self-paced eLearning and instructor-assisted eLearning education as well as CBK texts and self-assessment exams. Our courses have garnered the _SC Magazine_ award for best security training program two years running. * What do you think of the integration of the CISSP exam into university programs? We think it’s great. There are several universities who sponsor CISSP exams at the completion of their courses and these are typically open to the public. We have created an Associate of (ISC)2 designation for people who have passed the examination but do not yet have the experience to qualify for the CISSP. [MK notes: Norwich University’s BSCSIA program is seriously considering having our students take the Associate’s exam at the end of their studies as part of our university accreditation process. The MSIA program sponsors examinations by the (ISC)2 every June during its residency week for graduating students and anyone else who wants to register.]   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Gunplay blamed for Internet slowdown 2. 1.6M records stolen from Monster.com 3. 10 virtualization companies to watch 4. Business e-mail overtakes the telephone 5. Skype users don't buy outage explanation 6. Google struggles with phone number 'for life' 7. Skype: Network felled by Windows Update 8. Voyager spacecraft celebrates 30-years 9. Top 10 'networkiest' eBay oddities 10. Is onshoring become the new offshoring? MOST-READ REVIEW: WAN acceleration offers huge payoff

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. This newsletter is sponsored by CREDANT Technologies, Inc. Survey Says: iPods a Growing Threat in Workplace 323 IT professionals reveal usage rates, potential impacts of portable data storage devices--iPods, MP3 players, USB flash drives, and data-centric smart phones at work. Surprisingly, organizations see rapid growth in usage, but few have a solution to prevent widespread data loss. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007