Careers & People

1/22/2018
03:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ISACA Revamps CSX Practitioner Certification to Meet the Needs of Todays Cybersecurity Professional

Rolling Meadows, IL, USA (18 January 2018) — To reflect the wide-ranging demands on today’s cybersecurity practitioner, ISACA today announced updates to the CSX Practitioner Certification (CSXP) examination, including a transition to online, remotely proctored exams for greater scheduling and location flexibility around the globe.

In addition, the CSXP exam was revamped to fully align with the latest job requirements of cybersecurity practitioners and enable test-takers to demonstrate the hands-on skills companies need to meet today’s cyber threats. CSXP is designed to measure technical skills and abilities in a virtual setting using real-world cybersecurity scenarios.

“No two corporate networks are identical,” said Matt Loeb, ISACA CEO. “This revamped certification equips cybersecurity professionals to demonstrate their cyber incident prevention, detection and response skills across diverse, ever-changing environments.”

The CSX Practitioner certification was introduced in 2015 as the first vendor-neutral, performance-based certification for professionals. The platform was named the 2016 Best Professional Certification Program by SC Magazine’s SC Awards. It remains the only comprehensive performance certification to assess an individual’s ability to perform globally validated, technical cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond and Recover. Professionals who have earned a CSXP certification demonstrated the ability to be a first responder to cyber incidents, following established procedures and defined processes; firewall, patching and anti-virus experience; and the ability to implement common security controls and perform vulnerability scans and some analysis.

ISACA also developed a new CSXP Exam Prep Course set to debut later this month for individuals and enterprises. The course initially will be available in an on-demand, self-paced format, while in-person training, through global training partners, will be available in the coming months. This comprehensive course of in-depth instruction and hands-on labs is designed to help professionals build critical technical cybersecurity skills through performance-based training in a live network environment – skills that not only prepare users for the CSXP exam, but also help them combat cyber issues.  

Both CSXP certification and the Exam Prep Course are part of ISACA’s Cybersecurity NexusTM (CSX) program, which features hands-on training, certification, educational opportunities, conferences and more – all designed to help address the growing global cybersecurity skills gap. CSX credentials and training are aligned with globally accepted standards and frameworks, including the NIST Framework for Improving Critical Infrastructure Cybersecurity, NIST SP 800-53 Revision 4, ISO 27000, and the COBIT 5 framework.

To meet continuing professional education requirements, those holding the CSXP certification must annually submit CPEs, which may be either knowledge- or skills-based, and they must re-test in year three of their certification cycle.

The new exam is in beta launch through April and is available for $199, a savings of more than 50 percent. Beta exams must be taken by March 31, and scores from the test will be available following the beta period. There are no prerequisites to take the CSXP certification exam.

Additional information on the CSX certification is available at www.cybersecurity.isaca.org/csx-certifications/csx-practitioner-certification.

###

About ISACA
Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its half-million engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 215 chapters worldwide and offices in both the United States and China.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
Why Enterprises Can't Ignore Third-Party IoT-Related Risks
Charlie Miller, Senior Vice President, The Santa Fe Group,  5/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...
CVE-2018-11239
PUBLISHED: 2018-05-19
An integer overflow in the _transfer function of a smart contract implementation for Hexagon (HXG), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets by providing a _to argument in conjunction with a large _value argument, as exploited in the wild in ...