The CCFP is the only global standard available for assessing experienced digital forensics professionals’ mastery of the discipline. Originally only available for the US and South Korea, the credential has been developed for the European legal environment following a series of exam workshops conducted by a panel of experts from public and private sector organizations in the UK and Europe to ensure that its scope and content reflects the requirements of the region.
“In Europe, the complexity is much higher due to the law-related disparities among countries,” said Lorenz Kuhlee, CCFP-EU, (ISC)² volunteer and lead investigator for the RISK Team at Verizon, in a statement. “The CCFP credential supports the unique requirements of individual countries, but equips professionals with a best practice-led, uniform and thorough approach to dealing with overall challenges.”
The CCFP spans the digital forensics and information security disciplines. The six (ISC)² CBK domains within the credential include: legal and ethical Principles; investigations; forensic science; digital forensics; application forensics; and hybrid and emerging technologies.
“A major challenge for the information security community today is that we are unable to fight cybercrime as one force,” said Kuhlee. “The crime scene is broad and so to be effective, there is a need for collaboration across the cybercrime landscape in a way that bridges all aspects of security including technology, analytics, law enforcement and business.”
The idea is to ensure a comprehensive, yet advanced body of knowledge.
“Cyber forensics is more than crime scenes and just collecting and analyzing hard drives and USB sticks,” said Adrian Davis, managing director for EMEA, (ISC)². “It can be applied to big data, security log review and other important security activities where careful analysis can yield important insights. Additionally, the discipline permeates information security, law enforcement and law in general.”
In Europe, standardizing cyber forensics practices is especially challenging given the numerous jurisdictions within the region. “The CCFP encompasses the depth and breadth of expertise that every cyber forensics professional must possess – from forensics techniques and procedures through to standards of practice, as well as legal and ethical principles – that are commonly recognized, applicable and relevant across the region,” said Davis.
To attain the CCFP, applicants must hold a four-year degree leading to a Baccalaureate or regional equivalent and have at least three years of cumulative paid full-time, professional experience in digital forensics or IT security in three out of the six domains of the credential. Those not holding a degree must have six years of cumulative paid full-time digital forensics or IT security work experience in three out of the six domains of the credential; or an alternate forensics certification approved by (ISC)² and five years of full-time digital forensics or IT security experience in three out of the six domains of the credential.
Registration is now open, with the first exam available on April 30 at Pearson VUE test centers across the region. The German translation of the exam will be available on June 15.