search menu icon-carat-right cmu-wordmark

CERT-Certified Computer Security Incident Handler

Certification • Information Security

Even the best information security infrastructure cannot guarantee that intrusions or other malicious acts will not happen. When information or technology incidents occur, it is critical for an organization to have an effective program and process as well as qualified individuals ready to respond.

Benefits of the Computer Security Incident Handler Certification

This certification helps individuals show that they have the knowledge and skills for career advancement, and helps organizations identify, hire, and promote motivated and skilled individuals in the workforce. CERT-Certified Computer Security Incident Handlers

  • are knowledgeable and skilled in the latest practices in the cybersecurity field
  • produce high-quality results
  • have the abilities and skills to help an organization reach its goals
  • have completed an industry-leading qualification track
  • are committed to a professional code of conduct that separates them from all other practitioners in the field
  • ensure that their organizations stay current on recent innovations and research in the computer security field

After completing the certification process, successful candidates may choose to be listed on the SEI website as an SEI-Certified Individual and are entitled to refer to themselves and their accomplishment as in the following examples:

  • "(Name) is a CERT-Certified Computer Security Incident Handler."
  • "To become a CERT-Certified Computer Security Incident Handler, (Name) has demonstrated knowledge and skills that represent the latest practices in the cybersecurity field."
  • "(Name) has earned a Computer Security Incident Handler certification from the CERT Division of the Software Engineering Institute at Carnegie Mellon University."

Who Should Get This Credential?

The CERT-Certified Computer Security Incident Handler (CSIH) certification program is intended for computer security professionals with one or more years of experience in incident handling and/or equivalent security-related experience, including

  • military, civilian, and contract personnel who handle information systems
  • computer network incident handling and incident responder professionals
  • computer security incident response team (CSIRT) members and technical staff
  • system and network administrators with incident handling experience
  • incident handling educators
  • cybersecurity technical staff

Although completion of training is not a requirement, the SEI recommends that applicants ensure they have studied appropriately for the examination. Learn more about the CSIH Certification Examination.

Note regarding ANSI accreditation: In 2012, the CERT-CSIH earned accreditation from the American National Standards Institute (ANSI) Accreditation Program for Personnel Certification Bodies for compliance with the U.S. DoD 8570 Information Assurance Workforce Improvement Program. On August 1, 2013, the SEI discontinued its ANSI accreditation, and the CERT-CSIH will no longer be an approved DoD 8570 baseline certification. Professionals seeking to complete the CERT-CSIH program in order to fulfill the DoD 8570 requirement should search for a different certification to be in compliance.

Term and Renewal

CERT CSIH certification is valid for a period of three years from the award date and expires the last day of the month in which it was awarded. To renew certification, all of the following must be submitted 30 days before the last day of the month in which an individual's certification is due to expire:

For details, see How to Renew Computer Security Incident Handler Certification.

Summary of Fees

  • Examination fee: $499
  • Renewal fee: $150

For more information on the fees to become a CERT-Certified CSIH, please contact the SEI at certification-info@sei.cmu.edu.

Certification Process

  1. The SEI will review your application materials and respond within 2–6 weeks.
    • Applicants whose applications are approved receive email from the SEI with approval of their candidacy and instructions for registering for the CSIH exam.
    • Applicants whose applications are not approved receive notification with information highlighting areas that need improvement.
  2. Within 12 months of receiving the approval email from the SEI, you must register for the CSIH Certification Examination via the SEI testing portal and receive a passing score. Learn more about the CSIH Certification Examination.
    • The proctored exam is available at hundreds of Kryterion testing centers worldwide.
    • If a Kryterion test center is not available to a candidate in a particular geographic area, the SEI offers an alternative testing program that enables organizations to host proctored SEI examinations using the Kryterion secure online system at their own site.
    • Those who do not pass the exam on their first attempt may schedule up to two additional attempts within 12 months of the initial exam. The standard examination fee applies to each attempt.
    • If the applicant does not obtain a passing score in those three attempts, the applicant must request permission to retake the examination by sending a letter to the SEI Certification Program. The SEI Certification Program may grant permission to make up to two additional attempts. If these attempts are unsuccessful, applicants must wait 2 calendar years and reapply to the SEI Certification Program with evidence of further incident handling and/or security experience, training, and knowledge.
  3. After successfully completing this certification process, you receive your certification diploma and may choose to be listed on the SEI website as an SEI-Certified Individual.

If at any time your performance during qualification is unsatisfactory, the SEI will provide you with feedback and, if necessary, steps for remediation.

Contact us with questions about this certification at certification-info@sei.cmu.edu.

Related Courses

CERT-Certified Computer Security Incident Handler Qualification Examination

Exam • Incident Handling

This examination is designed to demonstrate that cyber-security professionals have sufficient knowledge and skill in key areas to successfully conduct network security...

Register

Training courses provided by the SEI are not academic courses for academic credit toward a degree. Any certificates provided are evidence of the completion of the courses and are not official academic credentials. For more information about SEI training courses, see Registration Terms and Conditions and Confidentiality of Course Records.