CERT-Certified Computer Security Incident Handler

The speed with which an organization can recognize, analyze, and respond to an incident will limit the damage done and lower the cost of recovery!

Even the best information security infrastructure cannot guarantee that intrusions or other malicious acts will not happen. When information or technology incidents occur, it will be critical for an organization to have an effective program, process, and qualified individuals responding.

The CERT-Certified Computer Security Incident Handler (CSIH) certification program has been created for

• computer network incident handling and incident responder professionals

• computer security incident response team (CSIRT) members and technical staff

• system and network administrators with incident handling experience

• incident handling educators

• cyber security technical staff

The certification is recommended for those computer security professionals with one or more years of experience in incident handling and/or equivalent security-related experience. Although completion of training is not a requirement, we highly recommend that each applicant ensure they have studied appropriately for the examination. SEI courses recommended as preparation for the examination are:

• Fundamentals of Incident Handling

• Advanced Incident Handling

• Information Security for Technical Staff

• Advanced Information Security for Technical Staff

SEI CERT provides certification and training programs to support the needs of DoD 8570 and provide military, civilian, and contract personnel who handle information assurance for DoD systems with the appropriate certification and training needed for the job they perform. The SEI’s CERT Virtual Training Environment provides on-line courses that support several certification programs, as well as development of core IA skills. 

Why become certified as computer security incident handler?

Every organization relies on professionals who are highly skilled in various computer security practices to operate successfully in today’s environment. These same organizations have discovered that using certifications is a way to identify, hire, and promote motivated and skilled individuals in the workforce. Recently the US DoD passed a new directive (8570.1M) that mandates all DoD Information Assurance personnel must obtain and maintain a security certification pertinent to their job requirements. The US Federal government is also considering the same type of provision for all US agencies.

SEI Certifications support the transition of best practices in various technologies. More specifically, SEI-Certified Computer Security Incident Handlers

• are knowledgeable and skilled in the latest practices in the cyber security field

• will produce high-quality results

• have the abilities and skills to help an organization reach goals

• have completed a industry leading qualification track

• committed to a professional code of conduct that separates them from all other practitioners in the field

• ensure that the organization stays current on recent innovations and research in the computer security field.

The certification program supports those who are computer security incident handling or incident responder professionals, computer security incident response team (CSIRT) members, network security technical staff, and other information assurance practitioners who are involved in incident handling functions.

Steps for earning your certification

1. Submit your Certification application with one (1) or more years of experience in incident handling in a technical and/or management role within seven (7) years of submission of the Certification Application. You will need to provide a detailed resume listing your relevant experience. (See the CSIH FAQ for more details on experience that meets the criteria for application.)
2. Submit the candidate’s agreement to SEI’s Code of Professional Conduct.
3. Submit a completed Certification Recommendation Form signed by your current manager
4. Submission of a signed Certification Agreement form in which candidates agree to abide by SEI Certification policies and procedures.
5. Candidacy Acceptance- The SEI will review your application and associated documentation for completeness and applicability to the experience standards required by the program. Applicants not accepted will receive notification with information highlighting areas that need improvement.
6. Passing score on the CSIH certification examination. Submit examination and certification fee of $499 when registering for the examination Testing can be accomplished via the SEI testing network or in written format at conferences and events.
   To register for the exam, follow these steps:
   a.    Go to the SEI's testing services portal.
   b.    Create a personal account and  follow the instructions for new users of the testing system.
   c.    After logging in, click "Register for Exam" at the top of the page.
   d.    On the "Exam Registration" page, click "Buy Now" next to "CERT Computer Security Incident Handler Examination." Clicking "Buy Now" does not obligate you to purchase the exam.
   e.    On the "Select Testing Center" page, use the drop-down menus at the top of the page to tailor the search for a testing center by country, state, zip code, etc.
   f.    On the "Date and Time Selection" page, schedule a testing session by selecting a date and starting time. After scheduling the test session and acknowledging that you have read the "no-shows and cancellations" policy, click the blue "Select" button.
   g.    On the "Shopping Cart" page, if everything appears correct, click the blue "Check Out" button.
   h.    On the "Checkout" page, provide the appropriate billing and payment information, and click the blue "Submit" button. After you click the Submit button, the credit card charge will be processed.
   i.    After the exam has been purchased, you will receive an email that confirms the purchase and provides important information about the testing session, including a candidate authorization code that you will need in order to take the exam.
7. Get your certification
   Successful candidates will receive a welcome kit that contains a certification diploma and other information about SEI certification. If at any time your performance during qualification is unsatisfactory, the SEI will provide you with feedback and, if necessary, steps for remediation.
8. Keep your certification up to date.
   Your CERT CSIH certification is valid for a period of three years from the award date. The SEI requires that you renew your certification according to the CSIH certification renewal requirements as listed on the CSIH renewal webpage.