Not wanting to hijack anyone's topic. Two business partners and I am in the process of forming a consultancy firm to offer our services in our island and possibly the Caribbean. All of us have our basis in Computer Science bachelors. However, I continued into forensics while one person has remained in mainstream IT and the other in a more project management role.
Our goal is to use all our skills to be a greater force in the services we can offer to potential clients. With that said, I wanted to continue to getting some certifications and was wondering if I should get my ENCE or CISSP or both, and if both, which one should I look to go after first.
Thanks very much.
Those are two very different certifications. For some the CISSP is not easy and I know many people who have been in IT security that have failed the exam multiple times, that is not to say i cannot be passed. I did. At least for most DOD contracts you are required to have the CISSP for security or audit related jobs.
The ENCE is a practical, vendor specific exam that show you demonstrate a proficiency in using an Encase product.
In my opinion I feel both are useful certifications, but I am in the security field, the CISSP will not provide you with any more technical skill, however it will give you an inch deep and a mile wide amount of information related to Information Security.
I agree with zerolift regarding the certifications. I would add that if you are going to be performing forensic analyses then go for the EnCE. The experience of completing the EnCE practical exam has been very helpful to my career as a computer forensic examiner.
If you are going to be selling the security services and need to "sound smart" about security then I'd pursue the CISSP.
Keep in mind, though, that both certifications require experience in the relevant field. I think the CISSP requires 5 years in one of the ten security domains and the EnCE requires 18 months of computer forensics\investigation experience.
Good luck,
jlgolin
Have you heard of CISSO?