Hiring Network Security Professionals
Why Would I Need to Hire a Security Professional?
The FBI has estimated that industrial espionage by foreign spies costs
US companies $200 billion per year. Companies also face theft
from current and former employees, trading partners, and the potential
threat from terrorist cyber-attackers. The Gartner Group estimates
that fully 70% of all thefts that cause loss to businesses are from
insiders.
How To Judge A Candidate
The most important qualification for any security professional to have
is experience. Five or more years of experience directly
related to security is enough to have seen the trends, understand the
mind-set of hackers, and see the common uses and misuses of networks.
With the high demand for network security professionals, and the
drought of experienced candidates, businesses have been willing to
settle for less experienced candidates. A number of organizations
have assembled training courses and certification exams to help bring
novices to a reasonable level of security understanding.
Certifications
There are a number of certifications offered for security
professionals. No one standard has been generally accepted throughout
the community, and it will be a while before one emerges at the top of
the heap. The top contenders are:
- CISSP. This exam is considered to be the most difficult, and most
comprehensive security exam.
- Security+. This exam was developed jointly by government, education
and business. It tests many important aspects of the security
professional's knowledge.
- TICSA. Offered by
TruSecure, a security services vendor, this exam is being heavily
promoted. Check for discounts on exam fees.
- SANS GIAC Certification. The Global Incident Analysis Center offers a
baker's dozen certifications in the security arena. These
certifications are, for the most part, vendor neutral. However, they
do offer Unix and Windows specific certifications.
There are a number of vendor-specific exams. These include some for
Cisco and Microsoft. In general these exams only show competence in
implementing and using vendor-specific hardware and network
architectures.
Ensure that any security professional you are looking to retain has
substantial experience and good references. Look at what they've done
for other companies similar to yours, and get references.