cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Newcomer I

Re: CCFP

this kind of behavior from "The Board" just brings up concerns of back-room pressure from competitors such as SANS...the ISC2 members should be notified of the reasons for these decisions since we are the ones paying for books, training and yearly fees for these certifications.
Highlighted
Viewer II

Re: CCFP

Hi Rob

 

The response that you received is really concerning. As one of the authors that wrote several chapters in the CCFP CBK, we were not even notified or even consulted on the decision. I found this to be a real slap in the face after all the work that we put in. 

 

I for one would like to have a reason why it was dropped, and a real honest reason at that.

Highlighted
Advocate I

Re: CCFP

Jason,

 

It’s actually quite difficult to see what the CBK was for the CCFP.  Without additional information on what the certification covered, I kind of side with the board on this one.

 

Certification in the world of forensics is tricky and somewhat misleading.  Many folks rely on digital assistive technology certifications for example, those from Guidance Software or Access Data.  If you were to compare this to another field, for discussion, accounting – then this would be like getting certified in Excel.  With advanced knowledge of Microsoft Excel, you would know the tool well, including use of the formulas and formatting, and you could probably solve basic accounting equations.  On the flip side to that, I wouldn’t want you doing my taxes.

 

There are professional academic degrees in forensics, such as Forensic Accounting, Forensic Psychology and so on, that combine a rigorous education in the discipline combined with significant electives in scientific methodology and law.  Even these programs I think are fairly light – serving as a baseline for those at the entry level.  I believe digital forensics education belongs in this bucket.  Advanced, deep-dive degrees in computer science mixed with scientific method, analysis, and legal education.

 

A flip side to this is investigative or legal professionals that know the legal world well, and are assisted by specialists that may not be “forensicators” in their own right.  These folks could collect facts with the assistance of technical specialists, regardless of if that specialization is in computers, psychology, accounting, etc.  The difference is that these specialists are typically formally licensed.  Most Forensic Accountants have the CPA; Forensic Psychologists are either Medical Doctors or Clinical Psychologists; and Computer and Electronic Engineers have the Professional Engineer qualification.  Those in other forensic sub-disciplines are generally similarly accredited and licensed.  These are example prerequisites for state licensure.  And state licensure is typically required to practice forensics by most States in the USA (unless you are a government agent, or an investigator working on behalf of an attorney).

 

So, in reality the CCFP isn’t going to offer you much in the courtroom.  I believe it may be a good framework of knowledge to familiarize yourself with forensics generally – and could be a good book to read in its own right.  But I don’t believe it fits well as a qualification from (ISC)^2 or anyone else (e.g. SANS) for that matter.

 

Sincerely,

 

Eric B.

Highlighted
Newcomer I

Re: CCFP

I agree with some of your points but also must add that anyone looking for a forensic analyst must look at the whole skillset package of a digital examiner/investigator. Personally, I've made sure to make sure my skillset has multiple facets, (although may be easier for me than others since I am on the Autism spectrum). I did some years on Mainframe operations, some years with mini-computers, been through all the flavours of MS OSes, passed my A+ PC Tech certification, passed my CISSP 15 years ago and just passed my CCFE. (due to ISC2 retiring the CCFP before I was prepared to pass the exam)

I believe that we should strive to pad our teams with people who have unique talents in the IT and IM/IT Security streams, as well as younger members talented with the cyber social genre, in order to equip our Companies and Governmental Agencies with a Cyber/Cloud Security team which is adaptable.

Respectfully, let me make one last point...we must not make the mistake of comparing the traditional fields educated and governed through the University/College Institutions, with the Computer/Digital/Cyber/Cloud fields of technology, for I fear this would greatly limit our collection of the gifted examiners out there who studied, backwards engineered, disassembled and decoded the parts of this unique set of technologies from a young age right in their own homes, compared to fields where it was difficult to study within the home.

Cheers

RJ

Advocate I

Re: CCFP

Robert,

 

I have to respectfully both agree and disagree with some of your points concerning forensics examiners. 

 

Specifically, the CCFP I think applied only and specifically to forensic examiners.  This is a career field in and of itself.  It uses elements and knowledge of Information Technology, but in and of itself is not primarily an Information Technology discipline. 

 

A forensic examiner in any specialization should have, first and foremost, formal training as a scientist or engineer.  This generally only occurs through the formal academic institutions.  While some people develop critical thinking skills on their own through life experience, a forensic examiner’s primary tasks are using critical thinking in proposing a hypothesis, designing and documenting experiments, running the experiments, and documenting the results.

 

That being said, I agree that Information Technology teams should have a blend of skill sets and experience levels.  I believe that for the most part, Information Technology is a trade or neo-Blue Collar work.  On the other hand, conducting formal experiments for the purposes of presenting findings to a court of law is not neo-Blue Collar work – and should be governed through formal academic institutions, education, qualification, and licensing. 

 

I think that the ability to disassemble, reverse engineer, and other skills are extraordinarily good to have.  At the same time, I would want to ensure that the processes used here for forensic purposes, could be defensible in a court of law both through the voir dire of the technologist’s education and through actual application of the scientific process.

 

Sincerely,

 

Eric B.