Guide to information security certifications

For this update to our survey we added only one new vendor-neutral certification, the GIAC Certified Incident Manager, or GCIM. On the other side of the table, numerous items were deleted or removed. 12 full-blown vendor-neutral credentials were dropped for reasons that vary from no information available, to no visible signs of life, to a virus lurking on the program's home Web page. We can't take a security program seriously if its operator lets its website attempt to download viruses to its visitors. We also decided to drop individual Brainbench security exams, because they don't lead to certification in and of themselves, which drops the vendor-neutral count by another 5 items. We also did away with coverage of the GIAC certificate and specialist items to drop another 23 items. Thus, our total dropped item count for vendor-neutral certifications is 39. In addition, 11 vendor-specific credentials were dropped, for reasons that vary from cancellation of the program (Symantec), obsolescence of the platform (Windows Server 2000), lack of information available (Cisco IPS) or lack of substantial security content (NCTE and NCDE).