The quarterly publication of the International Legal Technology Association
Issue link: https://epubs.iltanet.org/i/139453
best practices interest and proven proficiency in information security. Give them a new title, and provide training and resources for those individuals to become dedicated security leaders. The Demand for Certified Professionals In most technical areas outside information security, certification is rarely associated as a surefire qualification for a position. However, advanced security certifications such as the Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) are and will likely continue to grow as popular baselines when considering candidates for new personnel in legal. The CISSP examination especially is almost made to order for a legal practice, as it evaluates candidates' knowledge on 10 different domains, many of which are central to successful legal operations. For example, one of the 10 domains addresses laws and regulations that govern proper practices for gathering evidence in the wake of a data breach and presenting compliance requirements. Other reasons law firms are flocking to certified professionals include: •Range of Experience: One would be hard-pressed to find a hiring manager who didn't value relevant experience as a top qualifier for potential candidates. Addressing this need, CISSP candidates must exhibit knowledge in a broad range of disciplines and have at least five years of experience in two of the 10 domains contained in the certification. •Commitment to Education: CISSPs require recertification every three years, which demonstrates their commitment to understanding new strategies, methods and technologies as things emerge and change. Consequently, as topics like cyberforensics and e-discovery continue to grow in importance at law firms, CISSPs are on the path to stay knowledgeable and relevant when addressing those issues. •Credible As Expert Witnesses: According to Hord Tipton, Executive Director of (ISC)2, prior to earning his CISSP certification, he was testifying as a security expert during a major computer security case and endured opposing legal counsel attempting to make him out as a fool. However, when put in a similar situation two years later with CISSP certification in tow, Tipton was treated as a foremost authority on the topic. Tipton notes: "If you testify or appear before a judge and have this certification behind your name, you have a whole lot of extra credibility." 16 Peer to Peer