Leading cyber security certification bodies CREST and
EC-Council have announced mutual equivalency for their professional entry-point
technical qualifications. This significant initiative reflects the
need to create an industry framework for equivalent technical cyber security
qualifications measured against the same criteria to replicate the approach in other professions.
The announcement helps to address the confusion around
qualifications, providing clear development credentialed pathways and access to
professional careers. This gives the buying community a much better idea
of the level of skill, knowledge and competence of the individuals, allowing
them to recruit and contract in a more informed and intelligent manner. Both CREST and EC-Council qualifications are recognised globally and have been
formally reviewed by governments and regulators.
The direct equivalency relates to the EC-Council
Security Analyst (ECSA v10) qualification with the CREST Practitioner Security
Analyst (CPSA) qualification. In addition, equivalency can also be granted for
the for ECSA (Practical) with the CREST Registered Tester (CRT) certification,
provided that the candidate already holds a valid CREST CPSA
qualification. The requirement that a Code of Conduct is signed remains
an important part of the process ensuring ethical practices within the
industry. Re-examination and Continuous Professional Development are
required to retain the qualifications to ensure currency.
“This formal agreement with EC-Council reflects the growing
demand for skilled and experienced penetration testers and helps to establish a
global ecosystem of certified professionals so that companies and organisations
anywhere in the world have the confidence and trust in their purchasing and
recruitment decisions” said Ian Glover, president of CREST.
“This collaboration offers major benefits for current
CREST and EC-Council professionals certified via rigorous hands-on exams that
are proctored and is a testament of the high-quality exams provided by both organizations.
Building professional, well-defined career pathways will encourage more
high-quality entrants to the industry, to create a larger pool of certified and
trusted professionals. It also presents greater international job
opportunities for penetration testers globally,” added Jay Bavisi, President of
EC-Council Group.
About CREST
CREST is a not-for-profit accreditation and certification body that represents and supports the technical information security industry. CREST provides internationally recognised accreditations for organisations providing technical security services and professional level certifications for individuals providing penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast-changing technical security environments the certification process is repeated every three years.
CREST is governed by an elected Executive of experienced security professionals who also promote and develop awareness, ethics and standards within the cyber security industry. CREST supports its members and the wider information security industry by creating collaborative research material. This provides a strong voice for the industry, opportunities to share knowledge and delivers good practice guidance to the wider community.
For more information about CREST, please see www.crest-approved.org
About EC-Council:
EC-Council has been the world’s leading information
security certification body since the launch of their flagship program,
Certified Ethical Hacker (CEH), which created the ethical hacking industry in
2002. Since the launch of CEH, EC-Council has added industry-leading programs
to their portfolio to cover all aspects of information security including EC-Council
Certified Security Analyst (ECSA), Computer Hacking Forensics Investigator
(CHFI), Certified Chief Information Security Officer (CCISO), among others.
EC-Council Foundation, the non-profit branch of EC-Council, created Global
CyberLympics, the world’s first global hacking competition. EC-Council
Foundation also hosts a suite of conferences across the US and around the world
including Hacker Halted, Global CISO Forum, TakeDownCon, and CISO Summit.
For more information about EC-Council, please see http://www.eccouncil.org.
Source https://blog.eccouncil.org/crest-and-ec-council-announce-certification-equivalency-for-penetration-testers/