NBISE to set certification standards for IT security practitioners



User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Fri Aug 06, 2010 1:14 pm

NBISE to set certification standards for IT security practitioners

Weeding out the pros from the joes?

A new non-profit group is developing certifications for information technology security professionals that will set a high bar for IT security practitioners in areas like penetration testing, code auditing and control systems operation.

The National Board of Information Security Examiners (NBISE) is a new, not-for-profit corporation headed by former NERC (North American Electric Reliability Corporation) CSO Mike Assante and overseen by a board of luminaries in the world of information security and critical infrastructure.  The group will be designing certification exams to test the knowledge, practical skill and professionalism of IT security practitioners, with an eye to weeding out the information technology world’s equivalent of quacks and hucksters.

The new tests are designed to supplant a hodge podge of private and industry certifications for IT security practitioners, including the CISSP and certificate programs run by the SANS Institute and other industry and private groups. NBISE claims that too many of those tests test knowledge, rather than hands-on skills required of practitioners.

http://threatpost.com/en_us/blogs/new-c ... ros-080510


User avatar

Hero Member
Hero Member

Posts: 1718

Joined: Mon Jan 29, 2007 2:59 pm

Post Fri Aug 06, 2010 1:28 pm

Re: NBISE to set certification standards for IT security practitioners

Definitely wouldn't hurt, eh?

Would be nice to have another 'practicum'-style, hands-on exam, similar to OSCP, to help test folks knowledge, as well as freshen the knowledge of those already seasoned in pentesting, while weeding out garbage.  Gonna have to keep my eyes on this, and see where they take it. 

It's nice to see some of the folks in support of it, named in the report.  Let's just hope that it doesn't totally kill off some of the lower programs that are out there, as there still needs to be a training ground for the 'up and comers,' lest the true high-level folks eventually become a thing of the past, as newcomers don't get enough fed to them to grow to their full potential.

Additionally, being that this JUST came to light, I found it odd that they're planning to have their first exam released in the next 30 days, already...  Either someone's been quietly working on this, for quite a while, and a lot of folks have been putting effort in, offline, or I'd have to question the validity of something thrown together too quickly...

Ultimately, though, I hope this succeeds, and provides a new learning and growth experience.  I always welcome new information!!!
~ hayabusa ~ 

"All men can see these tactics whereby I conquer,
but what none can see is the strategy out of which victory is evolved."
- Sun Tzu, 'The Art of War'

OSCE, OSCP (Former - GPEN, C|EH - both expiring / expired)

Return to Security

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software