Success Factors and Pitfalls in Security Certifications
Abstract:
Modern society is increasingly dependent on information systems. These systems have, however, vulnerabilities which open an attack route to the key functions of society, including critical infrastructures. There is increasing demand of assurance that the vulnerabilities are under control. Security certifications have been created to respond to this need. They are used as quality labels, a valid and reliable assurance of security. Despite their usefulness, certifications are not perfect. This article presents an analysis of success factors and pitfalls in three categories of certifications: products, security management systems, and security professionals.
AUTHORS
Gemalto Oy, a Thales Company Vantaa,
Finland
Helvi Salminen has worked in information security since June 1990. Before her security career, she worked in systems development for 12 years. Ms Salminen is founder member of Finnish Information Security Association and president of ISACA Finland Chapter. She is a qualified CISA, CISSP, & SABSA. She was awarded as CISO of the year in Finland 2014. She taught information security in the lifelong learning centre of Helsinki University of Technology (now Aalto University) between 2000 and 2014. She has also given lectures in security seminars and conferences in Finland and abroad.
Published In
Keywords
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive
