Thursday, October 9, 2014

ISACA's new Cybersecurity Nexus

ISACA, the professional association for those involved in IT Audit and Controls, has decided to move into the realm of "cybersecurity" with their Cybersecurity Nexus (CSX).

I've been a member off and on for several years, but for me the group was about IT audits and IT control, such as COBIT.  I joined other organizations for cybersecurity, such as ISSA, and SANS.  I don't know why ISACA feels they need to move into that area, it's not like there is a need for yet another group involved here.

Further, as part of this, they've created a new entry level certificate, Cybersecurity Fundamentals.  This is meant for those just getting into cybersecurity.  It has no experience requirements, nor does it expire.  For me, certificates that don't require experience or don't expire are not as valuable as those which do.  And unlike ISACA's other certifications, this one is taken on-line on-demand.

I'm one of those people who doesn't see the value in duplicating effort.  I feel they are duplicating effort that is already being done by other organizations (ISSA, ISC(2), SANS, etc).  I'd rather see them partner with an existing group then move beyond their "core purpose".

Any other thoughts?


No comments:

Post a Comment