Presented ByLionel Hackett

WiseCrowdCEO & Co-Founder

2 November 2016@WiseCrowdGlobal

A Career in Cybersecurity

Lionel HackettWiseCrowdCEO and Co-founder

About Me

Previous Experience

“The trusted online platform connecting businesses with freelance

consultants in Governance, Risk & Compliance

(GRC)”

Introduction - A Career in Cybersecurity • Why? The Opportunity

• What? The Certifications

• How? The Career Boosters

ISACA is an international professional association focused on IT Governance. Previously known as the Information Systems Audit and Control Association, ISACA now goes by its acronym only, to reflect the broad range of IT governance professionals it serves

CSX Practitioner (CSXP)• Demonstrates the ability to serve as a first responder to a cybersecurity incident following

established procedures and defined processes. One certification and three training courses.• This certification is a prerequisite for any of the five CSX Specialist certifications.

CSX Specialist (CSXS)• Demonstrates effective skills and deep knowledge in one or more of the five areas based closely

on the NIST Cybersecurity Framework: Identify, Detect, Protect, Respond and Recover.• There is one certification and one training course for each of these five areas. Professionals can

choose to attain one or more of the five.• CSX Practitioner is a prerequisite for a CSX Specialist designation.

CSX Expert (CSXE)• Demonstrates ability of a master/expert-level cybersecurity professional who can identify,

analyse, respond to, and mitigate complex cybersecurity incidents. • There is one training course and one certification at this level. No prerequisites are required.

ISACA’s new cybersecurity certifications

Certified Information Systems Auditor (CISA)• Demonstrates audit skills and the ability to assess vulnerabilities, establish controls, and report on

compliance within the enterprise. • Minimum of five years of work experience in the fields of Information Systems Auditing, Control, Assurance

or Security is a prerequisite.

Certified Information Security Manager (CISM) • Demonstrates the ability to create a relationship between an information security program and broader

business goals and objectives. Ensures knowledge of information security, as well as development and management of an information security program.

• Minimum of five years of work experience in the field of information security, with at least three years in the role of information security manager is a prerequisite.

Certified in Risk and Information Systems Control (CRISC)• Prepares and enables IT professionals for the unique challenges of IT and enterprise risk management, and

positions them to become strategic partners to the enterprise.

ISACA Certifications

Systems Security Certified Practitioner (SSCP)• Good option for IT managers who have built their technical skills and practical security know-

how via hands-on roles.• Offered by the International Information Systems Security Certification Consortium (ISC)2. • Minimum of one year of cumulative paid full-time work experience in one or more of the seven

domains of the SSCP Common Body of Knowledge (CBK) is prerequisite.

Certified Information Systems Security Professional (CISSP)• (ISC)2 certification for professionals who have extensive technical and managerial skills and

experience. • Demonstrates credibility and expertise to design, implement, and manage their own information

security programs to protect their businesses from the rapid increase in sophisticated cyberattacks.

• Minimum of five years of paid full-time work experience in two of the eight domains of the CISSP CBK is prerequisite.

(ISC)² Cybersecurity Certifications

Global Information Assurance Certification (GIAC) tests and validates the ability of practitioners in areas including security administration, forensics, management, audits, software security, and legal.

GIAC Security Essentials (GSEC)• Demonstrates that they are qualified for IT systems hands-on roles with respect to security tasks.

Candidates are required to demonstrate an understanding of information security beyond simple terminology and concepts.

GIAC Penetration Tester (GPEN)• Demonstrates penetration-testing methodologies, the legal issues surrounding penetration

testing and how to properly conduct a penetration test as well as best practice technical and non-technical techniques specific to conduct a penetration test.

GIAC Cybersecurity Certifications

EC-Council is a member-based organisation that certifies individuals in various e-business and information security skills.

Certified Ethical Hacker (CEH)• CEH is a comprehensive Ethical Hacking and Information Systems Security Auditing program,

suitable for candidates who want to acquaint themselves with the latest security threats, advanced attack vectors, and practical real time demonstrations of the latest hacking techniques, methodologies, tools, tricks, and security measures.

• Official training or at least two years of information security related experience is prerequisite.

EC-Council Certified Security Analyst (ECSA) • Advanced ethical hacking certification and a step ahead of a CEH. This certification helps

analysts validate the analytical phase of ethical hacking by being able to analyse the outcome of hacking tools and technologies.

• Official training or at least two years of information security related experience is prerequisite.

EC-Council Cybersecurity Certifications

Career Boosters• Certification and accreditation• Continuing Professional Education (CPE)• Attend events and conferences• Mentoring• Write articles or blog• Maintain LinkedIn and Twitter profile• Develop good relationships with recruiters

Conclusion• Massive Opportunity• Personally Challenging• Constantly Evolving• Exciting

Any Questions? : @WiseCrowdGlobal

Website: http://wisecrowd.global

Email: info@wisecrowd.global