By Tony Patton
A basic objective of any certification is to reassure organizations that a prospective employee's knowledge is legitimate. Certification alone is not enough to guarantee that, but when combined with real-world experience it is a strong indication of that knowledge, and it can be the deciding factor in selecting a candidate.
One of the avenues of certification available to IT pros interested in pursuing an infosec career is the SANS Institute's Global Information Assurance Certification (GIAC). Founded in 1999, GIAC offers three levels of certification: foundational, intermediate, and advanced. The following are GIAC's foundational-level certs:
- GIAC Security Essentials Certification (GSEC)
- GIAC Information Security Officer (GISO)
- GIAC Security Leadership Certificate (GSLC)
- GIAC IT Security Audit Essentials (GSAE)
- GIAC Gold Standard Certificate (GGSC-0100)
Let’s take a closer look at each of these certificates and see how you can begin the process of SANS certification.
The GSEC certificate allows an individual to demonstrate basic knowledge of computer security. Someone holding this certificate has the knowledge necessary to institute a security policy in an organization, and an employer can take it as evidence that the person understands the fundamentals of security. The GSEC may be viewed as a beginner-level cert, but the GIAC site describes it as a foundational certificate: the knowledge required to attain it serves as the foundation for all subsequent certifications. SANS recommends that would-be security professionals master the GSEC before pursuing any of its higher-level certifications.
The GISO cert is designed for professionals who will shape corporate security policy. It validates the skill set necessary to be an effective information security officer. The job title may vary from one organization to another, but the cert covers topics such as risk management, system security policies, and system administration. To earn GISO certification, individuals need to be knowledgeable about all aspects of security so that they can make key decisions in an ever-changing technology field.
Not everyone in IT is a hands-on techie. There is usually a manager, for example, who doesn't necessarily get his or her hands dirty. Although these managers may not need to know the minute details of IT security, they do need to be aware of current security technology and relevant best practices. For these individuals, GIAC offers the GSLC certification.
The GSAE certification targets those who are responsible for auditing corporate security policy, procedures, risk, and conformance. The focus of this cert is narrow: a GSAE-certified pro doesn't need to be a technical expert, but must have the level of knowledge needed to develop security audit checklists.
Those who earn the GGSC-0100 confirm their knowledge of how to set up Windows-based systems according to the Gold Standard developed by The Center for Internet Security. These standards are developed by consensus among professionals from industry, academia, and government, and the resulting security benchmarks are used throughout the industry.
Building your foundation
These five certifications offer a glimpse of the GIAC initiative. Additional certifications progress beyond the entry level, but you shouldn't tackle them without first acquiring the foundational knowledge.
As with vendor-specific certifications from companies such as Microsoft, GIAC certs must be renewed at varying intervals, usually every two to four years. For example, the GSEC, GISO, GSNA, and GSLC certificates must be renewed every two years. This is to be expected, given how quickly the technology sector changes.
Where to begin
Certification exams from other vendors are often administered by a testing firm such as Prometric, but the GIAC certificates are not. The process is not as simple as scheduling an exam, paying a fee, and sitting the test. GIAC has made the procedure quite rigorous, clearly intending that only dedicated individuals tackle the exam.
The certification process includes multiple steps, beginning with a research paper. The paper assignment is tied to a particular SANS conference, so it can change from one conference to the next. Once candidates complete their research paper, they submit it for grading and must receive a passing score to advance to the testing stage. They must then pass the exam to earn the certification.
Attaining these certificates is also a costly process. The GIAC Web site lists prices for the certificates (100 to 250 US dollars), but these prices are in addition to training fees. To begin the process, a candidate may attend a SANS conference or use SANS online training, and the pricing for these options varies. The SANS Web site provides more information on the training and conferences.
Back up your claims
Many technical professionals claim thorough knowledge of one or more technologies, but such claims are hard to measure or validate. This is especially troublesome for those trying to fill open positions. The GIAC initiative aims to provide a vehicle for validating a candidate's security knowledge through industry-recognized certificates.