An interesting new industry group has coalesced around the subject matters of Information Security and IT certification. It's called the Cybersecurity Credentials Collective (aka C3) and it represents "... a new effort to promote the benefits of certifications in the skills development of information security professionals around the world," in the words of the CompTIA press release that announced the group's formation on February 29, 2012.
In addition to CompTIA (the Computing Technology Industry Association, itself a federation of computing manufacturers, software developers, retailers and integrators, plus representatives from government, research and academia), the following organizations are taking part in the C3 (listed with the names of their key information security credentials, where applicable):
- CompTIA currently offers the Security+ and the CompTIA Advanced Security Professional (CASP) credentials
- ASIS International: Certified Protection Professional (CPP), Professional Certified Investigator (PCI), and Physical Security Professional (PSP)
- EC-Council: Certified Ethical Hacker (CEH), Certified Hacking Forensic Investigator (C|HFI), EC-Council Certified Security Analyst (E|CSA), Licensed Penetration Tester (L|PT), and EC-Council Network Security Administrator (E|NSA)
- IAPP (International Association of Privacy Professionals): Cerrtified Information Privacy Professional (CIPP)
- IEEE (Institute of Electrical and Electronics Engineers): Certified Software Development Associate (CSDA) and Certified Software Development Professional (CSDP)
- ISACA (formerly Information Systems Audit and Control Association): Cerified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC)
- SANS GIAC (Global Information Assurance Certification): over 30 different information security credentials, all highly regarded
- ISC2 (International Information Systems Security Certification Consortium): Certified Information Systems Security Professional (CISSP), and SSCP (Systems Security Certified Practitioner), and more
- The National Board of Information Security Examiners (NBISE) doesn't offer any certifications, per se, but it does set standards for information security test, audit, and best practices
This organization has certainly gathered together many of the major players in the infosec certification space (aside from the vendors like Cisco, CheckPoint, Symantec, Fortinet, and so forth) and looks to have serious critical mass. I'm going to be watching their activities and pronouncements with great interest. If you have similar interests you may want to do likewise!
[Here's a link to the CompTIA Press Release the announced the C3: "Leading Cybersecurity Certification Groups Form Industry Collaborative."]