IS Education and Certification - PowerPoint PPT Presentation

1 / 22
About This Presentation
Title:

IS Education and Certification

Description:

Why do you want MORE education or certificates? You have no other hobbies. ... CCIE Cisco Certified Network Administrator all the way up to the high and ... – PowerPoint PPT presentation

Number of Views:139
Avg rating:3.0/5.0
Slides: 23
Provided by: Kurt162
Category:

less

Transcript and Presenter's Notes

Title: IS Education and Certification


1
IS Education and Certification
  • Getting the RIGHT Tools

2
Where to Begin?
  • Why do you want MORE education or certificates?
  • You have no other hobbies..
  • You have too much money already..
  • You have too little money..
  • You are seeking a higher meaning of life..

3
Innovation
  • Using your education or certs to understand where
    you can improve IS
  • Washington is taking notice
  • - what drives innovation?
  • - they know that time is running out
  • - flight intellect is out of control

4
So what do you want to do?
  • Do you want to be a technical guru?
  • Do you want to manage IS?
  • Do you want to develop technologies?
  • Do you want to support the enterprise?
  • Do you want to do compliance/governance?
  • Do you want to hack (hide in a dark room and wear
    shorts to work every day)?

5
Options
  • Certification
  • CISSP
  • CISA
  • CISM
  • GIAC
  • CGEIT
  • Degrees
  • Graduate Degrees
  • Master of Sc
  • PhD
  • Training
  • MCSE
  • CCNA
  • CompTIA

6
Training Vendor Specific
  • MCSE Microsoft Certified Systems Engineer (
    Security, Internet, etc.)
  • - Supporting IT Enterprise
  • - Admin resources (AD, Exchange)
  • Not a great deal of cost, but many separate
    exams and lots of study

7
Training Vendor Specific
  • CCNA .. CCIE Cisco Certified Network
    Administrator all the way up to the high and
    mighty Cisco Certified Internetworking Engineer
  • - Obvious isn't it? Supporting all levels of
    operability for Cisco gear
  • Cheap to take the test depending on how
    advanced. CCIE big bucks, big study

8
Training Vendor Specific
  • CompTIA (Security Plus) certs/training
  • Many, many, many others technology specific and
    vendor certs and training
  • - Costs can have a wide range
  • - Applicable to the technology in your
    environment (IS, IT, IA)
  • - might be less portable .

9
Certification General IS
  • CISSP Certified Information System Security
    Professional (ISC2)
  • includes other delicious flavors
  • Information Systems Security Architecture
    Professional (ISSAP), Concentration in
    Architecture
  • Systems Security Engineering Professional
    (ISSEP), Concentration in Engineering
  • Information Systems Security Management
    Professional (ISSMP), Concentration in Management
  • - considered the gold standard cert for
    information security practitioners
  • - A mile wide and an inch deep
  • - Good for analysts, engineers, managers
  • - Know your ten domains ..fork over 500
  • - mmmmsmells like a raise

10
Certification General IS
  • CISA Certified Information Systems Auditor
    (ISACA)
  • - An inch wide and a mile deep
  • - You want to do compliance?
  • - Good for internal and external audit, as well
    as those in a IS governance role
  • - Prepare to pull out your hair, fork over 500
  • - Study until you are sure you will fail the
    exam
  • This smells like a raise also or at least a
    trip to the funny- farm

11
Certification General IS
  • CISM Certified Information Security Manager
    (ISACA)
  • - A good general evaluation of information
    security best practices
  • - Meant to be geared to managers of IS, but
    good for all levels
  • - Yet another 500, of moderate difficulty
  • - Dont forget your CPE Credits!

12
Certification General IS
  • GIAC - Global Information Assurance Certification
    (SANS)
  • - Lots of choices very specific disciplines
  • GAWN - GIAC Assessing Wireless Networks
  • GCFA - GIAC Certified Forensics Analyst
  • GCFW - GIAC Certified Firewall Analyst
  • GCIA - GIAC Certified Intrusion Analyst
  • GCIH - GIAC Certified Incident Handler
  • GCUX - GIAC Certified UNIX Security
    Administrator
  • GCWN - GIAC Certified Windows Security
    Administrator
  • GISF - GIAC Information Security Fundamentals
  • GSE - GIAC Security Expert
  • GSEC - GIAC Security Essentials Certification
  • GSIP - GIAC Secure Internet Presence
  • GSOC - GIAC Securing Oracle Certification
  • GPEN - GIAC Penetration Tester
  • Great for the real technical guru types
  • Lots of opportunity within the network to publish
    and improve IS

13
Certification General IS
  • CGEIT Certified in the Governance of Enterprise
    IT (ISACA)
  • - Brand-spankin new certification
  • - Meant for managers and directors of enterprise
    operations
  • - Governance meaning managing the whole deal
    such at IT, IS, IA, Dev, etc.
  • - Exam is said to be of moderate difficulty but
    very broad
  • - Very little data on study needs, test is
    another 500
  • (I see a pattern emerging here)

14
Formal Education
  • Undergrad many options of course in MIS, IS,
    Dev, etc.
  • - You can do it online!
  • - Find a school with a good reputation
  • - Usually costs a boatload of money and time
    (maybe four years and tens of thousands depending
    on what you have already)
  • - Very portable, but be sure that you want to
    do what you major in (my undergrad was in Finance
    and Philosophy)

15
Formal Education
  • Graduate Degrees MSc Information Assurance, MSc
    Information Security
  • Norwich University (very old and distinguished,
    fully accredited, NSA Center of Excellence for
    IS)
  • All the others - U of SF, GW, BU, UoP
  • Make sure it is accredited
  • Takes from 18 24 months
  • - dont plan on seeing your family much
  • - Student loans available fill out your FAFSA!
  • (20k - 40k)

16
Formal Education
  • PhD You can be a doctor of ??? Is there a
    doctor in the house?
  • Are you going to teach?
  • Academic career path but maybe not!
  • Science heavy organizations and the military want
    YOU! So do universities..
  • PhD in IS from Capella, Nova Southeastern, U of
    Phoenix (online and otherwise)
  • Lots of money and time (can you say
    dissertation?)
  • - minimum of three years and up to 60k

17
Formal Education
  • Evaluate the industry acceptance of your chosen
    university!
  • - All graduate schools and programs are NOT seen
    with the same level of prestige
  • - Look for fully accredited schools
  • - NSA Center of Excellence
  • - Weigh the cost in dollars and time
  • - Ask around within your peer networks

18
What can it all do for you?
19
What can it all do for you?
  • More money salaries for those with certs and
    education is going up (for others without not
    so good)
  • More respect fewer sneering and rolling of the
    eyes from your peers and boss when you have new
    ideas
  • More knowledge as proved by the framed pieces
    of paper on your wall
  • Career advancement evidenced by the boxes being
    packed in your bosses office
  • Your spouse will love you more

20
What else can it do for you?
  • It costs time depending on what you choose you
    may be able to adopt the unshowered zombie look
    without ridicule
  • It costs money until you finish you will have
    an excuse why you never pay for dinner
  • CPE credits and maintenance More money and time
    trying to figure out what and why CPEs are
    required
  • It may make you insane studying will do that to
    you
  • More dollars spent on beer as a direct
    consequence of the previous point

21
Kurt BaumgartenKurtB_at_PeritusSecurity.com
  • VP of Information Security at Peritus Security
  • MSc in Information Assurance been there!
  • MBA the kicker
  • CISA What drove me to this state of near
    madness
  • CGEIT What pushed me over the edge
  • MCSE Because it was there and I started on the
    bottom like the rest of us
  • Contributing author to the Computer Security
    Handbook Fifth Edition (Wiley Sons, Toronto)

22
Questions Comments
  • Thank you
Write a Comment
User Comments (0)
About PowerShow.com