[ISN] Industry, govt. group issues security standards

From: InfoSec News (isnat_private)
Date: Wed Dec 04 2002 - 00:58:11 PST

  • Next message: InfoSec News: "Re: [ISN] New opportunities for NIST"

    By Paul Roberts
    IDG News Service
    A group made up of representatives of the U.S. government and leading
    technology companies has released new certification standards for
    security professionals, according to a statement released Monday by
    the Computing Technology Industry Association (CompTIA).
    The new certification, known as Security+, is intended to provide a
    standard method for training and evaluating the abilities of IT
    Among the organizations that participated in the Security+ committee
    are major software and hardware vendors such as Microsoft, IBM, and
    Sun, as well as leading security companies such as RSA Security,
    Entrust and VeriSign.
    The FBI, U.S. Secret Service and National Institute of Standards and
    Technology along with leading industry trade groups also contributed
    to the creation of the Security+ certification standards, CompTIA
    Security+ certification is targeted at professionals with at least two
    years of computer networking experience and is intended to create an
    objective measure that companies and organizations can use to assess
    the security training of employees and job applicants.
    Individuals seeking Security+ certification must pass an examination
    covering security concepts ranging from methods of external attack to
    authentication and access control.
    Information professionals must also master areas such as cryptography
    and organizational security concepts.
    The ultimate goal of Security+ certification is to increase the number
    of men and women who are properly trained to manage what CompTIA calls
    the "frontline security-related positions" - those jobs with direct
    oversight of the machines and systems that may come under attack or
    otherwise be compromised, according to CompTIA.
    In addition to an exam published by CompTIA, academic institutions and
    technology courseware developers such as Sybex are in the process of
    producing printed and software-based courseware for Security+
    certification, according to CompTIA.
    In addition to training offered from independent training vendors and
    educational institutions, hardware and software companies and security
    associations have indicated that they will use CompTIA's Security+
    certification part of their company-specific senior-level security
    certification programs, according to CompTIA.
    ISN is currently hosted by Attrition.org
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Wed Dec 04 2002 - 03:32:19 PST