Saturday, September 21, 2013

New Certification Targeting Critical Infrastructure - GICSP

Info Security Magazine (not to be confused with my friends at Information Security Magazine published by  SearchSecurity and TechTarget) recently posted an article regarding a new certification entitled the Global Industrial Cyber Security Professional (GICSP).  Supposedly this new certification will be developed by a " industry collaborative..." in conjunction with the GIAC or Global Information Assurance Certification.

According to the article:

The objective of the certification is to help organizations which design, deploy, operate and maintain industrial automation and control system infrastructure to ensure best practices, starting with individual skills and knowledge. The GICSP will be available to candidates in late November 2013.

The community initiative plans to establish an open body of knowledge for process control design and information technology security as well. When it comes to ICT security, system vendors, project engineering contractors, process operators, IT service providers and maintenance/support personnel all require a blended set of IT, engineering and cybersecurity competencies.

For a closer look at the details regarding the certification, areas covered, exam requirements and frequency of recertification please take a look at the GICSP details link here.

I will be sure to closely follow this certification and other commentary that surfaces.  We all agree that industrial controls security should be substantially improved and maybe this new certification will help raise awareness and performance standards in this critical area.

I would be interested in your opinions on this new certification.