It only takes a brief perusal of the tech news on any given day to realize that information technology security is one of the most pressing issues for current IT managers working for businesses and all levels of government. Hackers of all levels, from individual pranksters to members of organized crime syndicates, continue to find new ways to compromise networks, steal financial or intellectual property assets, and get hold of private information given by trusting customers, resulting in millions of dollars of credit card fraud and identity theft-related crimes.
Due to these nefarious activities, IT pros specialized in information security are in high demand in both corporate and government enterprises. As the total value of global digital assets continues to grow -- along with the sophisticated hacking attempts being used against the networks storing these assets -- so does the requirement for skilled information security professionals (or "infosec" pros, if you want to sound really cool).
GISP Certification overview
Information security professionals looking to prove their skills should consider the GIAC Information Security Professional certification. GIAC (Global Information Assurance Certification) certifications are recognized by corporations and government agencies around the globe, and the company has been offering its IT security-related certification programs since the late 1990s.
GIAC's certification program has been accredited by the ANSI/ISO/IEC 17024 Personnel Certification Accreditation Program. This distinction means that the GIAC program meets a number of crucial requirements for design, implementation and quality.
The GIAC Information Security Professional certification is classified as an "intermediate" certification by GIAC. There aren't any prerequisites to qualify for the GISP certification, but candidates are encouraged to take an information security training course before they attempt the exam.
The GISP certification exam can be booked through the the GIAC website. (A GIAC user account must be created first.) The exams themselves are given at a designated Pearson VUE test center, and the test consists of 250 questions. Candidates have five hours to complete it, and they must achieve a passing score of 70 percent or higher to get certified.
Here are the major areas of knowledge covered in the GISP certification exam, as listed by GIAC:
- Access Controls
- Business Continuity and Disaster Recovery Planning
- Information Security Governance and Risk Management
- Law, Regulations, Compliance and Investigations
- Physical and Environmental Security
- Security Architecture and Design
- Security Operations
- Software Development Security
- Telecommunications and Network Security
Renewing the certification
The GISP certification, once earned, remains active for four years. Those who have earned the GISP can start the re-certification process up to two years prior to the certification's expiration date. To renew the GISP, candidates must earn a number of GIAC Certification Maintenance Units. CMUs are accrued in a number of ways, including practical work experience and by taking training courses. Candidates can read the GIAC Renewal webpage for more details on renewing the GISP certification.
The GIAC Information Security Professional certification is a highly relevant industry designation. Significantly, GISP is a vendor-neutral certification, so it is not limited to any specific hardware or software. This gives GISP additional cachet with employers in the public and private sectors, and makes it a great certification for information security professionals around the world.