New Security Specialist certifications cover IOS, firewalls and VPNs
Cisco lists certifications in two broad categories: career certifications and specialist certifications. The career certifications include the broad and more commonly known certifications, like the CCNA, CCNP, and so on. The specialist certifications cover a narrower range of topics - sometimes directly overlapping with the technology in the career certifications, and sometimes covering topics outside the career certifications.
Before this week, Cisco already had several specialty certifications related to security. Cisco's adding three back to the mix this week:
- Cisco IOS Security Specialist
- Cisco Firewall Security Specialist
- Cisco VPN Security Specialist
How do you get these? Well, you simply pass one or two of the current CCNP Security exams, and meet the pre-requisite of needing a current CCNA Security certification. These certs map directly to the exams in the new CCNP Security certification. If you pass all four exams to get your CCNP Security cert, you could earn 5 total specialty certs - the three above, plus the IPS and ASA specialty certifications.
Cisco announces new CCNP Security career certification
Why the Focus on Security?
The bigger question that comes to mind is why all this focus on security?
1) Security Requires Role redundancy: Simply put, you can't go without a qualified person for short to medium periods of time. Everyone has to have some time off, go to classes and meetings, and so on, and the risk associated with having your only skilled person gone and unavailable is too much. The solution? At least have role redundancy, that is, have multiple people with real skills for each part of the security puzzle. Common sense, but this is one of the reasons highlighted by Cisco.
2) Security Personnel Turnover Expected to Increase: Cisco reviewed generally the assertion that demand for network security engineers will exceed the supply for the foreseeable future, and that Cisco was trying to help the market through these new exams and courses (last fall) and these new specialty certifications. Taking that at face value, it's a microeconomics 101 issue: demand exceeds supply, which drives up how much security engineers are paid. That means turnover as more security engineers go for new higher-paying jobs. And it creates an opportunity to learn security and get dragged along into job opportunities and higher pay.
Then, you tag team that idea with the chance of going months without key network security personnel after someone goes to a new job, then the need for role redundancy is greater - which means most organizations should be scrambling to increase security skills of the existing staff.
So, that's some of the substance of what I heard from Cisco. However, I was a bit skeptical, and asked if they had any publicly available data to back up the baseline assumption: security personnel demand does/will exceed supply. Cisco cited three references:
A 2010 CCIE survey, which showed that security is the top skill needed over the next 5 years. (Survey is dated Feb 2009.)
A 2009 Forrester research study, published on Cisco's web site. This survey asserts that managers need to focus on roles, coverage, and that managers claim that they look at certifications to validate skills. If you look closely, those certs follow behind the idea of looking for experience. (I have to admit, reading the report, it made me wonder if the objective was to favor certifications, but you can make your own assessment.)
An article on the HomelanSecurityNewsWire.com web site, which has some real evidence of the demand exceeds supply argument. In particular, this article sites competition with the private sector for security engineers and that the candidates currently filling the technical security jobs simply aren't technical.
origianl article by Wendell Odom http://www.networkworld.com/news/2011/020311-cisco-announces-three-security-certifications.html?page=1
No comments:
Post a Comment