Enemy at the Cyber Security Gates
Nobody wants to be the person who was responsible for security when a major breach happened. As the world increasingly becomes a hotbed of hacking and intrigue, more attention than ever is being drawn to the competence of IT security staff. Officials at the Pentagon have for years been warning of dire consequences of cyber attacks that can impact military or vital civilian infrastructure. In 2013 President Obama dealt with the issue with an executive order calling on the government to mandate cyber security certification requirements in the awarding of federal contracts. This directive requires that staff responsible for security have recognized qualifications such as the vendor-neutral CompTIA Advanced Security Practitioner (CASP) certification.
Industrial control systems, which control such critical arteries as utilities and sewage treatment, now require continuous monitoring, a much more rigorous standard than the previous practice of being checked every three years. Federal and state officials are pushing for greater security in the financial industry and in outside vendors who deal with the government, including law firms, accounting firms and marketing companies.
This has been pushed higher up the political agenda by an ongoing wave of cyber crime. One of the most recent high profile breaches was during the summer when 76 million households and seven million small businesses had their financial information compromised in an online attack on JPMorgan, leading some people to speculate that the size and scope of such institutions has made them “too big to secure”. Other high profile companies like Comcast and several financial institutions are said to be under a constant “siege” from online threats, some emanating from teenagers, but others from overseas locations such as former Soviet bloc countries. All of this sounds ominous to officials who are all too aware that cyber attacks preceded Russian military action in Georgia and Crimea.
In an unstable world that is more connected than ever, more governments are taking network security so seriously that it has become a high profile political issue. More attention than ever is being focused on the credentials of the people who are tasked with keeping networked systems secure. The size and complexity of IT systems creates a lot of potential points of failure. Rather than prescribing specific security measures, governments can only take effective action by focusing on the qualifications of IT security personnel who are now on the front lines of international commerce and are increasingly important in military environments.
So what kind of challenges would such a person be likely to face? Imagine you are performing a routine check of the corporate network and notice a workstation with multiple SSH connections going outside the network and large volumes of data going out. When you identify the user you realize that it is their last day of employment. What kind of tactic is being used to steal company secrets? If you answered “data exfiltration” then you are correct.
This is the kind of question that candidates are asked in the CompTIA CASP exams. CASP is a higher level of qualification above CompTIA Security+. As well as testing specific technical know-how, it also tests critical thinking skills in devising more secure enterprise systems.
CASP is held in such high esteem that it is recognized by Dell, HP, and even the US Department of Defense as part of its Information Assurance Workforce Improvement Program. Indeed in keeping with the trend of more government involvement in pushing for higher security standards, the DOD worked directly with CompTIA and had a hand in determining the content of this networking security exam under its 8570.01-M criteria. It is a baseline certification for their IAT Level III, IAM Level II, and IASAE Level I and II.
While there is no mandatory prerequisite, this qualification is very much for seasoned professionals, and it is recommended that nobody take it without ten years of experience in the IT industry, five of those focused on security.
CASP is a pathway to a career as an IT Specialist working as an Information Security (InfoSec) professional, risk manager or analyst, security architect, or a penetration tester, also known as an “ethical hacker” who tests network security measures by attempting to circumvent them. Maintaining CASP certification requires that the exam be re-taken every three years, a frequency that reflects the quickly changing landscape of a field that is dominated by the ongoing arms race between cyber criminals and the gatekeepers of networks.
Changes in IT have led to many jobs being made obsolete and entire career fields have been eliminated, but cyber security is certainly not one of them. It can only grow as IT systems form larger and more tempting targets for the growing number of bad guys.