As technology continues to evolve and more users and organizations migrate information storage to “the cloud,” concerns are emerging of the degree to which data will remain secure as it travels back and forth through the Internet. Cloud-based file and program storage can significantly improve the workflows and management capabilities of individuals and teams, yet it also requires confidence that sensitive information will be protected from hacking attempts.
Information assurance professionals work to provide that confidence, safeguarding user information against attackers and protecting the security and stability of clients who rely on cloud computing in their personal or business lives.
Information assurance is a relatively new field, and while education in Information Technology is important at the undergraduate and graduate levels, a key factor that may differentiate information assurance professionals is the continued holding of certain certifications. To start, you may wish to peruse job listings in your area to see which certifications tend to be expected in your region or area of expertise.
As noted elsewhere on this site, you may alternatively encounter requests for various certifications like the MCTS (Microsoft Certified Technology Specialist), the CISSP (Certified Information Systems Security Professional), the Security+, the CompTIA A+ or the PMP (Project Manager Professional) certifications. These options are available to those with multiple areas of interest in IT, with several different options pertaining to the information security areas relevant to an information assurance professional.
For those specifically interested in information assurance, however, another set of certifications may be worth pursuing as well: those offered through the GIAC (Global Information Assurance Certification) program. Founded in 1999, the GIAC program is an information security certification that focuses specifically on the technical skills required by practicing information assurance professionals. Trusted by thousands of organizations and government agencies, including the National Security Agency (NSA), the GIAC program shows potential employers that skills obtained through education, such as through a Master’s of Science in Information Technology (MSIT), are deep, effective and up-to-date.
GIAC certifications are available in a number of different areas, including eight that are recognized by Department of Defense Directive 8570 as suggested certifications for government information assurance professionals. Users can elect, for example, to gain certification in Security Essentials, Windows Security, Security Leadership or InfoSec Project Management. A complete list of GIAC certification options, including a roadmap for certification, is available on the GIAC website.
GIAC exams can be taken at different levels. The basic certification requires passing only a multiple-choice exam, while Gold-level status adds the requirement of a written technical report. The GIAC website recommends training courses in relevant areas before registering to take a test, as even experienced professionals may require some review to pass. Certifications are valid for four years, after which professionals must register to retake their exams in order to remain certified.
As with other IT certifications, professionals who obtain one or more GIAC certifications stress to both current and future employers that their skills are highly developed and their personal initiative to excel in the industry is strong. In some cases, current certifications may be used to gauge upward mobility within a company, helping professionals reach their potential and boosting their career success.
Whatever certification pathway you decide to pursue, continued commitment to both your skills and certifications stands to significantly enhance your resume above and beyond the formal education of your bachelor’s or master’s degree.