CERT-Certified Computer Security Incident Handler

The speed with which an organization can recognize, analyze, and respond to an incident will limit the damage done and lower the cost of recovery

CSIH Blurb Big

Even the best information security infrastructure cannot guarantee that intrusions or other malicious acts will not happen. When information or technology incidents occur, it will be critical for an organization to have an effective program, process, and qualified individuals responding.

The CERT-Certified Computer Security Incident Handler (CSIH) certification program has been created for

  • computer network incident handling and incident responder professionals
  • computer security incident response team (CSIRT) members and technical staff
  • system and network administrators with incident handling experience
  • incident handling educators
  • cyber security technical staff

The certification is recommended for those computer security professionals with one or more years of experience in incident handling and/or equivalent security-related experience.  Although completion of training is not a requirement, we highly recommend that each applicant ensure they have studied appropriately for the examination.

SEI CERT provides certification and training programs to support the needs of military, civilian, and contract personnel who handle information systems with the appropriate certification and training needed for the job they perform.

Why become certified as a computer security incident handler?

Every organization relies on professionals who are highly skilled in various computer security practices to operate successfully in today’s environment. These same organizations have discovered that using certifications is a way to identify, hire, and promote motivated and skilled individuals in the workforce.

SEI Certifications support the transition of best practices in various technologies. More specifically, SEI-Certified Computer Security Incident Handlers

  • are knowledgeable and skilled in the latest practices in the cyber security field
  • will produce high-quality results
  • have the abilities and skills to help an organization reach goals
  • have completed a industry leading qualification track
  • committed to a professional code of conduct that separates them from all other practitioners in the field
  • ensure that the organization stays current on recent innovations and research in the computer security field.

The certification program supports those who are computer security incident handling or incident responder professionals, computer security incident response team (CSIRT) members, network security technical staff, and other information assurance practitioners who are involved in incident handling functions.

Steps for becoming a CERT-Certified Computer Security Incident Handler

Step 1: Apply

  • Submit your Certification Application with one (1) or more years of experience in incident handling in a technical and/or management role within seven (7) years of submission of the Certification Application. You will need to provide a detailed resume listing your relevant experience. (See the CSIH FAQ for more details on experience that meets the criteria for application.)
  • Submit a completed Certification Recommendation Form signed by your current manager.
  • Candidacy Acceptance- The SEI will review your application and associated documentation for completeness and applicability to the experience standards required by the program. Applicants not accepted will receive notification with information highlighting areas that need improvement.

Step 2: Examination

Obtain a passing score on the CSIH certification examination. Submit examination and certification fee of $499 when registering for the examination. Testing can be accomplished via the SEI testing network or in written format at conferences and events.

Candidates who successfully complete the examination are then submitted to the CSIH Advisory Board for confirmation of certification.

Candidates who do not successfully complete the examination are provided with a score report and guidance for next steps.

Step 3: Receive your certification

Successful candidates will receive a welcome kit that contains a certification diploma and other information about SEI certification. If at any time your performance during qualification is unsatisfactory, the SEI will provide you with feedback and, if necessary, steps for remediation.

Step 4: Keep your certification up to date

Your CERT CSIH certification is valid for a period of three years from the award date. The SEI requires that you renew your certification according to the CSIH certification renewal requirements as listed on the CSIH renewal webpage.