Cybersecurity professionals will soon have access to a new credential that validates their skills in conducting digital investigations.
(ISC)2 on Monday announced the new Certified Cyber Forensics Professional certification, which will provide employers and the legal community a better way to assess the skills of digital forensics professionals and their ability to lead digital investigations.
Hord Tipton, executive director of (ISC)2, said Thursday that the cyber forensics field is growing at roughly three to four times the rate of the overall economy. The government could benefit in particular from top-notch forensics to help determine the root causes of why a breach occurred, he said.
“We’re now in a world of digital cyber forensics and there’s no guns or bloody knives as evidence,” Tipton said. “It’s all on tapes and hard drives and extracted from files, and it’s a difficult thing to explain” to the attorneys prosecuting cases and the juries deciding them.
The credential, initially available in the U.S. and South Korea beginning Sept. 25, assesses skills in both the digital forensics and information security disciplines. (ISC)2 conducted a job task analysis study as well as development workshops to determine the scope and content of the program.
Tipton emphasized that the credential is reserved for professionals with high experience in cybersecurity, particularly those who already hold other cyber credentials and specialized training. (ISC)2 requires that applicants for the credential have at least a Bachelor’s degree and at least three years of related full-time work experience. For those not holding a degree, six years of digital forensics experience is required, though that can be reduced to five years if the professional holds other qualifying certifications, Tipton said.
“Only the brightest of the bright are actually going to be able to pass this exam,” Tipton said. “But the need for it is going to be appreciated and grow very quickly as the level of the people coming into the field grows.”