Careers & People

1/22/2018
03:32 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ISACA Revamps CSX Practitioner Certification to Meet the Needs of Todays Cybersecurity Professional

Rolling Meadows, IL, USA (18 January 2018) — To reflect the wide-ranging demands on today’s cybersecurity practitioner, ISACA today announced updates to the CSX Practitioner Certification (CSXP) examination, including a transition to online, remotely proctored exams for greater scheduling and location flexibility around the globe.

In addition, the CSXP exam was revamped to fully align with the latest job requirements of cybersecurity practitioners and enable test-takers to demonstrate the hands-on skills companies need to meet today’s cyber threats. CSXP is designed to measure technical skills and abilities in a virtual setting using real-world cybersecurity scenarios.

“No two corporate networks are identical,” said Matt Loeb, ISACA CEO. “This revamped certification equips cybersecurity professionals to demonstrate their cyber incident prevention, detection and response skills across diverse, ever-changing environments.”

The CSX Practitioner certification was introduced in 2015 as the first vendor-neutral, performance-based certification for professionals. The platform was named the 2016 Best Professional Certification Program by SC Magazine’s SC Awards. It remains the only comprehensive performance certification to assess an individual’s ability to perform globally validated, technical cybersecurity skills spanning five security functions – Identify, Protect, Detect, Respond and Recover. Professionals who have earned a CSXP certification demonstrated the ability to be a first responder to cyber incidents, following established procedures and defined processes; firewall, patching and anti-virus experience; and the ability to implement common security controls and perform vulnerability scans and some analysis.

ISACA also developed a new CSXP Exam Prep Course set to debut later this month for individuals and enterprises. The course initially will be available in an on-demand, self-paced format, while in-person training, through global training partners, will be available in the coming months. This comprehensive course of in-depth instruction and hands-on labs is designed to help professionals build critical technical cybersecurity skills through performance-based training in a live network environment – skills that not only prepare users for the CSXP exam, but also help them combat cyber issues.  

Both CSXP certification and the Exam Prep Course are part of ISACA’s Cybersecurity NexusTM (CSX) program, which features hands-on training, certification, educational opportunities, conferences and more – all designed to help address the growing global cybersecurity skills gap. CSX credentials and training are aligned with globally accepted standards and frameworks, including the NIST Framework for Improving Critical Infrastructure Cybersecurity, NIST SP 800-53 Revision 4, ISO 27000, and the COBIT 5 framework.

To meet continuing professional education requirements, those holding the CSXP certification must annually submit CPEs, which may be either knowledge- or skills-based, and they must re-test in year three of their certification cycle.

The new exam is in beta launch through April and is available for $199, a savings of more than 50 percent. Beta exams must be taken by March 31, and scores from the test will be available following the beta period. There are no prerequisites to take the CSXP certification exam.

Additional information on the CSX certification is available at www.cybersecurity.isaca.org/csx-certifications/csx-practitioner-certification.

###

About ISACA
Nearing its 50th year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. Today’s world is powered by technology, and ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its half-million engaged professionals in information and cybersecurity, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 215 chapters worldwide and offices in both the United States and China.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why CISOs Need a Security Reality Check
Joel Fulton, Chief Information Security Officer for Splunk,  6/13/2018
Cisco Talos Summit: Network Defenders Not Serious Enough About Attacks
Curtis Franklin Jr., Senior Editor at Dark Reading,  6/13/2018
Meet 'Bro': The Best-Kept Secret of Network Security
Greg Bell, CEO, Corelight,  6/14/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Surviving the IT Security Skills Shortage
Surviving the IT Security Skills Shortage
Cybersecurity professionals are in high demand -- and short supply. Find out what Dark Reading discovered during their 2017 Security Staffing Survey and get some strategies for getting through the drought. Download the report today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12294
PUBLISHED: 2018-06-19
WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.
CVE-2018-12519
PUBLISHED: 2018-06-19
An issue was discovered in ShopNx through 2017-11-17. The vulnerability allows a remote attacker to upload any malicious file to a Node.js application. An attacker can upload a malicious HTML file that contains a JavaScript payload to steal a user's credentials.
CVE-2018-12588
PUBLISHED: 2018-06-19
Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-1 before 3.1.1-2 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the S...
CVE-2018-10811
PUBLISHED: 2018-06-19
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
CVE-2018-10945
PUBLISHED: 2018-06-19
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.