With cyber security a concern among enterprises and even individuals, a non-profit group has come up with certification in cyber forensics.
(ISC)², a not-for-profit professional body for information security, said the Certified Cyber Forensics Professional certification will initially be available for the US and South Korea and will be offered beginning 25 September 2013. The US and South Korea will host the first examinations.
(ISC)² is the same group that administers the Certified Information Systems Security Professional (CISSP) and the Certified Secure Software Lifecycle Professional (CSSLP). It has now developed the Certified Cyber Forensics Professional (CCFP) standards for assessing digital forensics professionals.
The new certification is designed for digital forensics employees and the legal community. Intended as a global standard, the new certification reflects internationally accepted practices in cyber forensics, including forensic techniques and procedures, and legal and ethical principles. For employers, this certification means that professionals are knowledgeable and experienced in the international standards.
“Digital forensics professionals are becoming more and more essential to the security posture of any organisation,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director, (ISC)². “The CCFP is a comprehensive, expert-level programme that fills a significant void in the digital forensics certification market by validating the depth of senior-level professionals’ experience and expertise. It assures credential holders have the necessary breadth and depth of knowledge and thinking skills needed to address today’s complex cyber forensic challenges.”
Tipton said (ISC)² has collaborated with international experts in digital forensics, including the American Academy of Forensics Sciences and the Korea Cyber Forensics Association, to develop the certification.
Applicants vying for certification must be graduates of a four-year degree or regional equivalent and should have at least three years of full-time, professional experience in digital forensics or IT security in three out of the six domains of the credential, but alternatives are also available. The six domains are:
- Legal & Ethical Principles
- Forensic Science
- Digital Forensics
- Application Forensics
- Hybrid & Emerging Technologies
"The field of digital and multimedia forensics is playing an increasingly important role in the public sector, with government prosecutors relying on digital forensics experts to collect, analyse and present evidence in support of criminal cases as well as organised crime investigations," said Dan Ryan, attorney at law, (ISC)² forensics advisor and former professor of cyberlaw, National Defense University.
"As cyber warfare proliferates, government agencies rely on forensics data to attribute accurately an attack and hold the attackers accountable," he adds. "A skilled forensics professional can make all the difference in solving counter-terrorism cases or identifying actors who have stolen sensitive information."
Sign up for Computerworld eNewsletters.