Posted by William Berry

The new body will provide a forum for its member organizations to collaborate on matters of shared concern.

CompTIA, EC Council, GIAC, ISACA, and ISC2 have recently founded the Cybersecurity Credentials Collaborative.

The Collaborative’s home page contains a mission and purpose statement, which I’ve quoted below.

Mission:

To provide awareness of and advocacy for vendor-neutral credentials in information security, privacy, and related IT disciplines. To advance the craft and practice of certification program development and to provide a forum to collaborate on matters of shared concern.

Purpose:

The purpose of the C3 is to provide a forum for collaboration among vendor-neutral information security and privacy and related IT disciplines certification bodies. That collaboration will result in the advancement of IT careers, a more prepared workforce, greater insight into how these certifications are developed, and how they meet the IT needs for organizations including governments, private enterprises, educational institutions, and the public at large.

A non-exclusive list of collaborative activities is planned to include the following:

• Provide the industry with factual information on how C3 certifications accurately validate knowledge, skills and abilities of the workforce
• Where appropriate, promote a common IT certification message to legislators and government agencies and provide them with accurate information regarding the benefits of these certification programs.
• Identify opportunities for joint projects of the commissioning of 3rd-party research for the advancement of knowledge of vendor-neutral credentials in information security, privacy, and related IT disciplines.

I don’t know enough about the industry (being neither client nor proprietor) as it is now to predict the impact of this development with any authority,but it’s easy to see that the quality of the average certification will necessarily increase if all of the member organizations implement one another’s best practices. That’s not a bad thing in anyone’s book.

What angle will C3 take in promoting “a common IT certification message to legislators and government agencies?” Assuming that the purpose of the effort is ultimately to sell more certifications and training materials, C3 must hope to convince those in government to require more certifications for agency employees, or to subsidize training for young or disadvantaged people who want to pursue IT careers in the private sector. If C3 is successful and I haven’t misread their motives, then getting a government IT job could get a little tougher. Then again, haven’t the member organizations been pursuing similar efforts independently? If so, the impact of the new efforts should be marginal. I don’t have the data.

About the Author: William is a staff writer for the iEntry Network.