Keeping Up with the Black Hats - 13 Mar 2002

Most certifications demonstrate only that you knew a product or an OS when you passed the exams. However, as new technology emerges and software vendors release updates and new versions, exams can become outdated quickly. My MCSE certification will be 8 years old in June. I had to renew the certification in 1996 and 1997 after Microsoft released Windows NT 4.0, but I didn't start the Windows 2000 renewal process until 2000. I still have one exam to go. By the time I'm finished, almost 5 years will have passed since I earned my NT 4.0 certifications. I need to stay on top of new technology to do my job well, but Microsoft doesn't require me to show that I update my knowledge. In fact, very few certifications demonstrate that you've kept up with changes that have occurred since you passed the tests.

The Global Information Assurance Certification (GIAC) program's stance is that because the black hats are always trying to find new ways into your systems, you don't have the luxury of resting on your laurels. Each GIAC security certification has an expiration period that depends on GIAC's estimation of how quickly the subject area changes, not on the release of new versions of a product.

The mandatory renewal period for most GIAC certifications is 2 years. You have no option to postpone the renewal, and because the renewal requires that you pass new exams, you'll probably start preparing 3 to 6 months before the deadline. This means that GIAC-certified professionals have only about 18 months to admire their GIAC certificates before they must begin to prove themselves again.

The renewal process is straightforward and relatively inexpensive. GIAC charges $120 to take the renewal exam, but that fee also buys you access to the online courseware so that you can learn about what's new and prepare for the exam. And if you're renewing multiple certifications in the same year, you have to pay that fee only once. GIAC has a "use it or lose it" attitude toward its certifications, but it doesn't make the renewal process so burdensome as to discourage you from maintaining your certifications.

I like the idea of forcing people to prove that they've kept their skills current. The renewal process makes especially good sense for security certifications, but the idea has validity for Microsoft and Cisco Systems certifications too. Both Microsoft and Cisco release patches and service packs regularly, and both companies regularly include additional functionality with service packs. Just a few rounds of service packs and patches can create a significant divide between what you studied for your exams and the current technology.

GIAC appears to have learned a few lessons from Microsoft's mistakes. The process is demanding enough that only dedicated individuals will attempt it; the topics are relevant to the current state of the technology, which should result in direct improvements in the quality of security management; and the maintenance requirements are sufficient to weed out those who are inclined to let their skills slip. I believe we have a new standard in the certification business.
