FITSI Issues Call for Public Comment on New Performance-Based Certifications for Federal Cyber Security Professionals

 April 18, 2011

    WASHINGTON, D.C. – In March 2010, the Federal IT Security Institute (FITSI) announced a role-based certification program for the civilian, military, and contractor staff who manage, design, operate, and audit federal IT systems. While there are a number of high quality IT security certifications, the differentiating goal of the Federal IT Security Professional (FITSP) certifications is to document an in-depth knowledge of the unique federal IT security management, operational, and technical controls specified by the National Institute of Standards and Technology (NIST).

    FITSI is today announcing five proposed complementary Federal Cyber Security Professional (FCSP) certifications that will build upon the knowledge-based FITSP certifications by demonstrating proficiency in specific IT skills needed to protect and defend federal information systems. The initial FCSP IT skill areas are proposed to include:

• Penetration Tester
• Security Control Assessor
• Incident Handler
• Forensic Specialist
• Network Defender

    Competency would be demonstrated in a rigorous two-day examination process consisting of three phases.  These three phases are proposed to include:  a two-hour multiple-choice exam, a 10-hour hands-on lab exam, and a 4-hour written essay exam. All of these roles are aligned with the Federal Body of Knowledge that the federal government uses to govern its information systems.

    "While the FITSP has been predominately information based, the new FCSP certifications are performance based," Mr. Wiggins said. "Both of these credentials when earned together will demonstrate a professional who is well qualified in very specific areas of cyber security as it relates to the federal government."

    Interested parties can download the first public draft of the planned FCSP certifications at the following site: http://www.fitsi.org/Overview/fcsp.htm. Written comments should be emailed to fcsp-draft1@fitsi.org by May 31^st, 2011.

    About FITSI – The Federal IT Security Institute was launched in November, 2009 with the goal of helping the federal government certify its workforce in the appropriate cyber and IT security knowledge, skills and abilities. Five months later, FITSI introduced its Federal IT Security Professional (FITSP) certification program. Earlier this year, FITSI founder Jim Wiggins was named "Educator of the Year" by the Federal Information Systems Security Educators’ Association (FISSEA). Interested parties can view the FITSI web site at www.fitsi.org.