Small and medium sized businesses interested in contracting with an IT consulting firm as part of a managed programs approach to IT services may want to inquire about the certifications held by the individuals who will be visiting its premises to install and maintain essential software.
When it comes to certifications for information security skills, the most desired ones for 2012 are expected to be the CISM, CISSP, GIAC, and GEH. Such certifications require candidates to possess extremely high levels of current information and skill sets for working with networks in the business environment, but they also demand something extra. Candidates must meet the rigorous ethical standards required by the program.
For example, the certification firm (ISC)2, which offers the CISSP (Certified Information Systems Security Professional) certification, appeals to Abbas Kudrati, who manages information security for Kuwait’s National Bank. "I look for certified candidates specifically from (ISC)2 and ISACA because of their stringent implementation of code-of-ethics," Kudrati explained. "At (ISC)2 or ISACA, you don't get the title by just passing an exam. Individuals are held to much higher standards and above all trained to discharge professional responsibilities with integrity. If I am giving my entire bank's network to an individual for testing I need to have some assurance that they are ethical."
The GIAC (Global Information Assurance Certification) is another certification in high demand. Specialists holding this certification are skilled in areas related to forensic analysis of network security as well as incident response. Earning the certification requires hand-on experience in the field.