IT Security Professional Certifications Discussion Panel

1. IT SECURITY PROFESSIONAL CERTIFICATIONS: Federal Information Systems Security Educators AssociationMARCH 15, 2001GAITHERSBURG, MD Lynn McNulty, CISSP, Panel Chair (McNulty & Associates) Gary Austin, CISA, CISSP (Guardent) Patricia Gilmore, CISSP (Atomic Tangerine) Robert Norris, Ph.D. (National Defense University)

2. PURPOSE • Discuss Current IT SecurityRelated Professional Certification Programs • (Note: Panel Members Do Not Represent All Available Certifications) • Provide Some Perspective On Professional Certifications For IT Security Personnel • Review Personal Versus Organizational Perspectives For Gaining Certification • Address Issue Of “Government Only” Certifications Versus Global Certifications

3. QUESTIONS THAT SHOULD BE ASKED TO PANELMEMBERS • Does Certification Equal Value? • Education Versus Practical Experience? • Consistency Between Certifications? • Benefits Of Certification • To The Organization? • To The Individual? • How Does Profession Certification Fit Into The Federal Personnel System?

4. CONCLUSION • Information Security Is Becoming A Separate, Distinct Career Field • Certification Should Be Viewed As Part Of A Process Of Personal Development And Education • Version 1.0 Of The “National Plan For Information Systems Protection” Cites An Acute Shortage Of Skilled IT Security Personnel In The Government. Is Certification A Measure Of Skill And Value? • Professional Certification Is Becoming A Factor For IT Security Careerists