(ISC)2 (ISC-squared) has developed a new certification, the Certified Cyber Forensics Professional (CCFPSM), as the first global standard for assessing experienced digital forensics professionals’ mastery and professionalism. The credential, initially available for the US and South Korea beginning September 25, 2013, is designed to provide digital forensics employers and the legal community with validation that a digital forensics professional can lead digital investigations that yield complete, accurate and reliable results.
The CCFP spans the digital forensics and information security disciplines. It reflects internationally accepted standards of practice, forensic techniques and procedures and the legal and ethical principles required of digital forensics professionals. The CCFP will provide employers with an objective measure of the kind of broad-based, but deep knowledge required of today’s experienced cyber forensics professionals.
As with all its credentials, (ISC)² conducted a job task analysis (JTA) study and exam development workshops to determine the scope and content of the CCFP credential programme. Subject matter experts from the (ISC)² membership and organisations from Africa, Australia, Canada, Hong Kong, India, the Netherlands, Singapore, South Africa, South Korea, the United Kingdom and the United States contributed to develop the Common Body of Knowledge (CBK) that serves as the foundation for the credential, as well as the exam questions.
The CCFP provides multiple benefits to experienced cyber forensics professionals and to the organisations that employ them. For professionals, CCFP certification helps them to:
* Validate and enhance their standing as advanced cyber forensics professionals with a comprehensive, credible certification;
* Instill employer confidence in their abilities and expand career opportunities with a credential that confirms their current expertise as well as their capacity to grow and evolve with the forensics industry;
* Perform international forensics investigations, knowing that their CCFP counterparts in other countries will be using a common globally recognised body of knowledge; and
* Pursue ongoing education covering the latest advances in digital forensics science through the (ISC)2 periodic recertification process.
For organisations, the CCFP offers:
* Confidence that their team has the knowledge and skills necessary to conduct forensically sound and accurate investigations and serve as undisputed experts in courts of law;
* An inherent screening tool and standardised measure of qualification to advance their digital forensics teams by hiring and promoting the most qualified professionals;
* Increased organisational integrity, credibility in the eyes of clients/stakeholders;
* Peace of mind that their cyber forensics team is committed and capable of progressing with the forensics field through the CCFP’s necessary Continuing Professional Education (CPE) requirements.
“Digital forensics professionals are becoming more and more essential to the security posture of any organisation,” said W. Hord Tipton, CISSP-ISSEP, CAP, CISA, executive director of (ISC)². “The CCFP is a comprehensive, expert-level programme that fills a significant void in the digital forensics certification market by validating the depth of senior-level professionals’ experience and expertise. It assures credential holders have the necessary breadth and depth of knowledge and thinking skills needed to address today’s complex cyber forensic challenges.”
“Today, cyber forensics is a discipline in its own right, with its requirement now essential across the digital landscape, including mobile. Given the international nature of cybercrime, it is vital that sound and commonly understood principles in the field be established, that these encompass the entire forensic process – right from discovering and handling evidence to keeping records in a manner that meets the needs of business, law enforcement and legal communities, and that these principles can be understood across borders,” said John Colley, managing director for (ISC)2 EMEA. “The forensics professional must also be cognizant of laws and rules for evidence handling within the jurisdictions in which they operate. The CCFP has been developed to support both requirements.”
To attain the CCFP, applicants must hold a four-year degree leading to a Baccalaureate, or regional equivalent and have at least three years of full-time, professional experience in digital forensics or IT security in three out of the six domains of the credential. Those not holding a degree must have six years of full-time digital forensics or IT security work experience in three out of the six domains of the credential OR an alternate forensics certification approved by the (ISC)² and five years of full-time digital forensics or IT security experience in three out of the six domains of the credential. All candidates must be able to demonstrate capabilities in each of the six CBK domains:
* Legal & Ethical Principles
* Forensic Science
* Digital Forensics
* Application Forensics
* Hybrid & Emerging Technologies
Glenn Dardick, director of the Association for Digital Forensics, Security and Law (ADFSL), commented, “Today, it would seem obvious that it is no longer a question of if, but when a system or network will be breached. The severity and implications of such breaches – scope, financial, legal, etc. - may well rely not only on how well the risks have been mitigated, but on how well the resulting costs have been minimised. While protecting the systems and networks have traditionally been viewed as the domain of information systems security, the incident response costs have often depended on the domain of cyber forensics and the ability to determine the cause and extent of such breaches. The domains of information systems security and cyber forensics have long overlapped and have now become interdependent in that they are most effective when professionals are knowledgeable and certified to be proficient in both of those domains.”