Continued pressure on cybersecurity systems is making professionals with security and forensic experience extremely attractive to employers. Not surprisingly, related certifications are gaining more attention, including one of the newer ones: the CCFP, or Certified Cyber Forensics Professional from the (ISC)².
According to (ISC)² Executive Director W. Hord Tipton, the organization saw a need for a certification that was broader than those available for professionals working in and around law enforcement, intelligence, litigation, consulting and computer security. The CCFP’s target audience is a rather wide swath of the IT forensics industry—including digital forensic examiners, cybersecurity professionals, computer forensic engineers and managers, digital forensic and e-discovery consultants, cyber intelligence analysts and computer forensic consultants.
While the number of people currently holding the certification remains low, Tipton says the organization’s policy is not to grandfather people into the CCFP. Since it became available in September 2013, 75 people have earned the designation, 47 of them in the U.S. “The certification is built around academic background, experience and performance,” says Tipton. “The exam itself is difficult to pass, but the more difficult piece of the certification is the experience requirement.” Among the organization’s certifications, the CCFP requires candidates to have the most years of industry-related experience.
The CCFP exam covers a number of domains including legal and ethical principles, investigations, forensic science, digital forensics, and hybrid and emerging technologies. The examination, which costs $549, is a multiple-choice test with scenario-based questions. You’ll need the classroom or online training seminars run by (ISC)², which cost anywhere from $2,500 to $2,700, to help pass.
Candidates are required to have a four-year college degree and three years of full-time digital forensics or IT security experience in three out of the six domains mentioned above. If you don’t hold a college degree, you’ll have to have six years of experience. You’ll also need an endorsement from a professional currently holding any one of (ISC)²’s certifications. Without the endorsement, the process becomes more onerous, requiring detailed proof of work experience.
How does the CCFP stack up against other IT forensic credentials? A dozen or more certifications and undergraduate and graduate level programs with certifications attached compete with it, including the Certified Computer Examiner and Certified Forensic Computer Examiner. For entry-level professionals, one of the more popular credentials is the Computer Hacking Forensic Investigator. Those in midcareer often select the Professional Certified Investigator. The CCFP—given the breadth of information you’ll need to know to earn it—is directed at midcareer professionals. It’s a certification also suited to someone looking to move up to the management level, says Rich Mogull, CEO and Analyst at Securosis, a Phoenix-based security research and advisory firm.
The vendor-neutral CCFP covers a broad range of computer-forensic knowledge, including emerging technologies in the space.Since there’s no real standardization in computer forensics, Mogull says, a vendor-neutral certification demonstrates that you understand more than one specific tool and are thinking in a holistic manner.
A Leap of Faith
As with any new credential, investing the time and money into pursuit of the CCFP requires something of a leap of faith, since you can’t predict whether obtaining it will result in a pay premium for you. “There’s always going to be worries about being an early adopter,” says Ed Tittel, a Round Rock, Texas consultant who specializes in information security, markup languages and networking technologies. It does help that the (ISC)² sponsors one of the more popular and in-demand certifications for IT security experts—the CISSP, or Certified Information Systems Security Professional. That makes the CCFP much more likely to get on the radar of hiring managers and recruiters.