Training Centers

To provide training for your employees, you can look to the manufacturer or vendor of the system you have chosen to operate, as well as to specialized companies that provide training services in the field of information security. Training programs can be expensive, so you should make sure beforehand that you are getting exactly the type of training service for which you are paying. Make sure that you select a training center that has specific experience and specializes in information-security training.

In general, there are two approaches to educating and training security professionals: developing universal specialists and developing professionals that specialize in one particular area of information security (intrusion detection, in particular). The first approach generally involves the study of specific products and their rules of operation. A specialist trained in this manner is usually familiar with specific software and the solutions provided by a specific vendor. As a result, these specialists are not always effective in other situations. CheckPoint certification programs are an example of this type of training. The second approach is more practical. As well as a general exam (the number of questions usually varies from 60 to 100), students in these courses must pass a test showing that they are able to handle real-world problems arising in the course of day-to-day activity. Specialists trained by this method will be able to solve intrusion detection problems using any tools. One example of such a course is the GIAC (Global Incident Analysis Center) program. There are also combined methodologies, combining the advantages of both approaches. Some examples are the programs provided by Internet Security Systems or Cisco Systems.