INTERNATIONAL VENDOR-NEUTRAL CERTIFICATION FOR INFORMATION SECURITY PROFESSIONALS

Abstract

When looking for qualified specialists in the field of IT and information security employers give preferences to candidates with professional certificates from reliable and worldwide recognized organisations. Attracting certified professionals allows the company to make the most efficient use of its staff and thereby increase its competitiveness. For qualified specialist, the certificate is a guarantee of his competence and the basis of confidence in a successful professional career. Today, the market of IT and information security professional certification offers both certification programs from well-known software or hardware manufacturers, as well as vendor-neutral certifications, developed by expert organizations in this field and not related to the products of individual manufacturers. Vendor-neutral certification programs provide a comprehensive approach to information security and ensure that certified specialists acquire understanding of technical and managerial aspects of information protection, as well as possess a wide range of diverse knowledge and practical skills. The article researches the most popular and demanded on the market certification courses in information security from (ISC)2, ISACA, EC-Council and CompTIA. The authors found that reviewed certifications have the following common features: short training period of the certification programs, usually 5-7 days; joining both basic and specialized components within the courses; the use of well-known and mostly open hardware and software during training; combining various forms and methods of training: face-to-face and distance learning with an instructor, self-study, online tests and special learning platforms; conducting a comprehensive exam with the issuance of a certificate; three-year validity period of the certificate which must be confirmed through participation in scientific and practical activities in the specialty. The study of international certification for information security specialists in Ukraine showed that there are several companies-authorized providers of certification services: ISSP Training Center, Fast Lane Group, Kyiv Chapter of ISACA, PwC Ukraine, which certify information security professionals through vendor-neutral courses, as well as certification programs of software and hardware developers.