UK CSC update on UK CSC Professional Registration and Re-Validation Requirements - Security Testing
- Asserting the highest standards in Security Testing is core to our task of maintaining the professional register, enabling our stakeholders to reference Professional Titles and providing the buying community assurance that only skilled and competent individuals are listed on the register.
Professional Titles and Exams
- Continuous Professional Development (CPD) is a mandatory requirement for all individuals registered on the professional register of cyber security professionals. The UK Cyber Security Council are currently developing robust guardrails to ensure the high standards expected by the industry and stakeholders are consistently met and upheld through CPD
- In consultation with the Security Testing Licenced Bodies and the Security Testing TAP (Technical Advisory Panel) it has been agreed that anyone holding a professional title must also hold the appropriate “Competence A” technical qualification which will have a three-year renewal cycle
- We are aware of some of the queries around the refresh cycles of the existing certifications and to re-assure the community we have instigated an agreement with both licenced bodies to require a minimum 3-year refresh cycle. This provides UK CSC and its stakeholders the assurance that quality standards will be maintained.
- For the avoidance of doubt anyone holding a Security Testing professional title at Practitioner level or above must ensure that they hold concurrently a valid technical “Competence A” certificate at their appropriate level from one of the two licenced bodies, CREST or The Cyber Scheme.
- Once a robust CPD approach has been developed and accepted we will communicate further any related impacts on the Security Testing professional titles.
Should you have any questions please contact your relevant Licenced Body:
CREST - https://www.crest-approved.org/about-us/contact-us/
The Cyber Scheme - info@thecyberscheme.org