Careers & People

1/22/2018
03:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ISACA Revamps CSX Practitioner Certification to Meet the Needs of Todays Cybersecurity Professional

Rolling Meadows, IL, USA (18 January 2018) — To reflect the wide-ranging demands on today’s cybersecurity practitioner, ISACA today announced updates to the CSX Practitioner Certification (CSXP) examination, including a transition to online, remotely proctored exams for greater scheduling and location flexibility around the globe.

In addition, the CSXP exam was revamped to fully align with the latest job requirements of cybersecurity practitioners and enable test-takers to demonstrate the hands-on skills companies need to meet today’s cyber threats. CSXP is designed to measure technical skills and abilities in a virtual setting using real-world cybersecurity scenarios.

“No two corporate networks are identical,” said Matt Loeb, ISACA CEO. “This revamped certification equips cybersecurity professionals to demonstrate their cyber incident prevention, detection and response skills across diverse, ever-changing environments.”

The CSX Practitioner certification was introduced in 2015 as the first vendor-neutral, performance-based certification for professionals. The platform was named the 2016 Best Professional Certification Program by SC Magazine’s SC Awards. It remains the only comprehensive performance certification to assess an individual’s ability to perform globally validated, technical cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond and Recover. Professionals who have earned a CSXP certification demonstrated the ability to be a first responder to cyber incidents, following established procedures and defined processes; firewall, patching and anti-virus experience; and the ability to implement common security controls and perform vulnerability scans and some analysis.

ISACA also developed a new CSXP Exam Prep Course set to debut later this month for individuals and enterprises. The course initially will be available in an on-demand, self-paced format, while in-person training, through global training partners, will be available in the coming months. This comprehensive course of in-depth instruction and hands-on labs is designed to help professionals build critical technical cybersecurity skills through performance-based training in a live network environment – skills that not only prepare users for the CSXP exam, but also help them combat cyber issues.  

Both CSXP certification and the Exam Prep Course are part of ISACA’s Cybersecurity NexusTM (CSX) program, which features hands-on training, certification, educational opportunities, conferences and more – all designed to help address the growing global cybersecurity skills gap. CSX credentials and training are aligned with globally accepted standards and frameworks, including the NIST Framework for Improving Critical Infrastructure Cybersecurity, NIST SP 800-53 Revision 4, ISO 27000, and the COBIT 5 framework.

To meet continuing professional education requirements, those holding the CSXP certification must annually submit CPEs, which may be either knowledge- or skills-based, and they must re-test in year three of their certification cycle.

The new exam is in beta launch through April and is available for $199, a savings of more than 50 percent. Beta exams must be taken by March 31, and scores from the test will be available following the beta period. There are no prerequisites to take the CSXP certification exam.

Additional information on the CSX certification is available at www.cybersecurity.isaca.org/csx-certifications/csx-practitioner-certification.

###

About ISACA
Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its half-million engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 215 chapters worldwide and offices in both the United States and China.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
What's Cooking With Caleb Sima
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14339
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the MMSE dissector could go into an infinite loop. This was addressed in epan/proto.c by adding offset and length validation.
CVE-2018-14340
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, dissectors that support zlib decompression could crash. This was addressed in epan/tvbuff_zlib.c by rejecting negative lengths to avoid a buffer over-read.
CVE-2018-14341
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the DICOM dissector could go into a large or infinite loop. This was addressed in epan/dissectors/packet-dcm.c by preventing an offset overflow.
CVE-2018-14342
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the BGP protocol dissector could go into a large loop. This was addressed in epan/dissectors/packet-bgp.c by validating Path Attribute lengths.
CVE-2018-14343
PUBLISHED: 2018-07-19
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer.