2008 was quite a year for change in the IT certification and training industry. The segment of IT certification that saw the most increase was Information Assurance, aka IT security.
The DoD Directive 8570 has paved the way for this stunning growth in the IT security sector. Certifications like Security+ and the CISSP, which were before looked at as nice additions to one’s resume, have become mandated for IA government employees.
But this isnt the only reason information assurance training and certification have made such a big push over the last year. Two other main reasons are 1) information intrusions and 2) marketing.
Throughout 2008 we had a handfulof stories about laptops being lost and information being compromised. Not to mention identity theft, it grows more prevalent every day. So the need to lock down and secure information on a macro and micro level is huge. The IT security job sector is the fastest growing job sector in IT and professionals with the right skills and certifications can still almost demand their salary range.
Marketing played a huge role in the growth of IT security and information assurance certifications and the organization that I can attribute much of that to is the EC-Council. In fact, their marketing when it comes to the Certified Ethical Hacker (CEH) has been fantastic. They weren’t even the ones to pioneer the penetration testing and network intrusion vulnerability certification space, but they lead the charge and have done so for the past few years. In fact, Mile 2 came out with their hacking / security certification before EC-Council, and many security experts argue that their content is better. But like Microsoft taught us with the initial expansion of Windows, the product is only a small fraction of the overall growth and popularity of a product.
So the trend in 2008 in IT security (information assurance) was the penetration testing / hacking training and certification. The Certified Ethical Hacker (CEH) exploded, and 2009 that will continue to be the case.
The next thing to emerge this year though, will be the Computer Hacking Forensics Investigator (CHFI), also by the EC-Council. Its best fit for those who have already taken the CEH, but that isn’t 100% necessary (although it makes complete sense to take CEH first, trust me). The CHFI takes you, the information assurance expert, into the path of the cyber criminal. You learn to track the cyber crime by retracing the steps of the hacker. Pretty cool, yes. Ton of fun, absolutely.
So happy new year to all in the IT industry, computer training, certification and everyone else. In 2009 watch for the hot information assurance space to blow up even more than it did last year. The two leading the pack, CEH and CHFI. I’ll post more soon about the Computer Hacking Foresics Investigator.