Does anyone plan on taking this exam? September will be the month of release.
Also what do you think of the topic coverage (download from site). Do you think this being from ISC2 will make it more superior to the public than a CCE or GCFA?
Thanks of your analysis!
Do you think this being from ISC2 will make it more superior to the public than a CCE or GCFA?
Well, ISC2 will be better known the 'the public' than ISCFE, but I'm not sure that is what matters.
There is certainly an interest in it – there's also some faint resentment, as its presence suggests that existing certifications are not considered good enough. (Though I happen to agree with that – there's too little competition for current certifications to maintain an edge.) There have been questions if it is just another CISSP-exam (i.e. high on information, low on competence), and more intended to milk the forensic field on course and certification costs and annual maintenance fees. On the other hand there seem to have been fairly straight statements that it's intended to be a highly technical and thus not intended as a mass-certification.
Noone knows yet.
Note the requirements Baccalaureate + three years full time DF/IT security (ignoring the alternatives). There are some waiver rules, so the list of approved alternate certifications will be interesting to examine.
From the information package, I get the impression that it is rather light on critical thinking – but that may be selective reading on my part, or my personal bias towards fairly hard science as foundation for the field. Look at the 'Forensic Science' part methods, planning & analysis, report writing, QA & management, and evidence analysis correlation. Very little in there that says 'science' to me, I'm afraid.
And the maintenance of the certification is ISC2 all over annual maintenance fee of $100 + 90 CPEs every three years. But not even a partial reexamination in sight. It's a very quickly moving field can they handle that, or will someone who certifies on expertise on Windows 7 still be allowed to have a certification five years later, when Win7 is as dead as DOS?
But until there are reports from enough people who have actually taken the exam, and can compare it with something reasonably well-known … I'm biasad in favour of the CCE … it's a new kid on the block that may or may not become a valued citizen.
There's place for it, that's the only thing I'm sure of.
Do you think this being from ISC2 will make it more superior to the public than a CCE or GCFA?
Well, ISC2 will be better known the 'the public' than ISCFE, but I'm not sure that is what matters.
There is certainly an interest in it – there's also some faint resentment, as its presence suggests that existing certifications are not considered good enough. (Though I happen to agree with that – there's too little competition for current certifications to maintain an edge.) There have been questions if it is just another CISSP-exam (i.e. high on information, low on competence), and more intended to milk the forensic field on course and certification costs and annual maintenance fees. On the other hand there seem to have been fairly straight statements that it's intended to be a highly technical and thus not intended as a mass-certification.
Let me ask, are there not existing
highly technical and thus not intended as a mass-certification
Certifications ?
I say the real issue at hand is the departments and persons who hire. Are they aware of all the quality certifications that exit or are they looking to mass marketing and only some word of mouth as to which certifications to accept and/or consider.
When I checked about two (2) years ago, I only found a scant few surveys of employers that indicated that it only seemed that the vendor supported certifications and CISSP were recognized and why CISSP for digital forensics, it does not make sense to me based on its' focus. This could be the reason they are throwing their hat into the ring. Like you indicated, it could be just another stream of money for their bottom-line.
No one knows yet.
Note the requirements Baccalaureate + three years full time DF/IT security (ignoring the alternatives). There are some waiver rules, so the list of approved alternate certifications will be interesting to examine.
They are also ignoring any military experience and/or training, at least within the Private sector. What a shame and a loss of tax payer's dollars spent for our personnel.
From the information package, I get the impression that it is rather light on critical thinking – but that may be selective reading on my part, or my personal bias towards fairly hard science as foundation for the field. Look at the 'Forensic Science' part methods, planning & analysis, report writing, QA & management, and evidence analysis correlation. Very little in there that says 'science' to me, I'm afraid.
And the maintenance of the certification is ISC2 all over annual maintenance fee of $100 + 90 CPEs every three years. But not even a partial reexamination in sight. It's a very quickly moving field can they handle that, or will someone who certifies on expertise on Windows 7 still be allowed to have a certification five years later, when Win7 is as dead as DOS?
But until there are reports from enough people who have actually taken the exam, and can compare it with something reasonably well-known … I'm biasad in favour of the CCE … it's a new kid on the block that may or may not become a valued citizen.
There's place for it, that's the only thing I'm sure of.
I do not believe that this is the only organization that delivers on the promise of qualified personnel. I believe that just like the persons that hire, most of the public are not aware or have done their homework in learning what else is out there. Over the past, at least, five years, there have been time and time again posts on this subject about Digital Forensic Certifications in this site's forums. I agree that this says that there is a need out there, but who and what says that a security oriented group should make the call on this type of certification.
Why not turn to a group like Consortium of Digital Forensic Specialists -
This is my two cents……
I read the post form ISC2 regarding CCFP and their snapshot. Also had a look on their Webpage.
Not sure how deep this goes into the needs of our Job. Is this just an other certification or is this something where you say He I learned something?
I've started with an CAS in IT forensics over here and went ahead with a SANS course and will take some others, because I can choose what I need for my job and select modules. GIAC certifications are not popular over here - I saw them only in sweden und in the UK.
Being in an Enterprise or working as a gov forensicer is also different. All countries have different laws. And having an exam kit for Asia, Europe doesn't make really sence.
What's your experience with courses and certifications?