Cybersecurity Credentials Collaborative (C3)


Mission:
To provide awareness of and advocacy for vendor-neutral credentials in information security, privacy, and related IT disciplines. To advance the craft and practice of certification program development and to provide a forum to collaborate on matters of shared concern.

Purpose:
The purpose of the C3 is to provide a forum for collaboration among vendor-neutral information security and privacy and related IT disciplines certification bodies. That collaboration will result in the advancement of IT careers, a more prepared workforce, greater insight into how these certifications are developed, and how they meet the IT needs for organizations including governments, private enterprises, educational institutions, and the public at large.

A non-exclusive list of collaborative activities is planned to include the following:
  • Provide the industry with factual information on how C3 certifications accurately validate knowledge, skills and abilities of the workforce
  • Where appropriate, promote a common IT certification message to legislators and government agencies and provide them with accurate information regarding the benefits of these certification programs.
  • Identify opportunities for joint projects of the commissioning of 3rd-party research for the advancement of knowledge of vendor-neutral credentials in information security, privacy, and related IT disciplines.


Why Certification Matters - Analysis of the Value of IT Certification

This presentation is based on recent data gathered from C3 member organizations and explores the value of certification in our industry.



Member Organizations

CertNexus
CompTIA
GIAC
IAPP
ISACA
(ISC)2



Ethics

The Cybersecurity Credentials Collaborative (C3) and its member organizations have adopted A Unified Principles of Professional Ethics in Cyber Security, adapted from the Unified Framework of Professional Ethics for Security Professionals, originally set forth by the Security Professionals Ethics Working Group. In addition to C3 member organizations, the Unified Principles of Professional Ethics in Cyber Security have also been formally endorsed by ISSA. ISSA was one of the original participants in the Security Professionals Ethics Working Group.

Integrity
  • Perform duties honorably, justly and responsibly, in accordance with existing laws, exercising the highest moral principles
  • Act in the best interests of stakeholders
  • Refrain from activities that would constitute a conflict of interest
  • Report ethical violations to the appropriate governing body in a timely manner.
Objectivity
  • Perform all duties in a fair manner and without prejudice
  • Exercise professional judgment in order to provide unbiased analysis and advice
  • When an opinion is provided, note it as opinion rather than fact
Confidentiality
  • Respect and safeguard confidential information and exercise due care to prevent improper disclosure
  • Maintain appropriate confidentiality of proprietary and otherwise confidential information encountered in the course of professional activities, unless such action would conceal or result in the commission of a criminal act
Professional Competence
  • Perform services diligently and with professionalism
  • Render only those services for which you are fully competent and qualified
  • Recognize and acknowledge the contributions of others
  • Refrain from professional misconduct which would damage the reputation of the profession
  • Participate in professional development activities to maintain the skills necessary to function effectively
Consistent with the Unified Principles of Professional Ethics in Cyber Security which have been adopted by The Cybersecurity Credentials Collaborative (C3) and its member organizations, C3 member organizations are committed to encouraging self-reporting of adjudicated ethics violations by credential holders to the credential holder's employer and to other certifying bodies that have issued credentials to the individual. Also consistent with the Unified Principles of Professional Ethics in Cyber Security, C3 member organizations, as allowed by their respective policies and applicable law, may share results of finally adjudicated ethics violation complaints and the disciplinary measures imposed with other C3 member organizations.

Why Certification Matters - Analysis of the Value of IT Certification

This presentation is based on recent data gathered from C3 member organizations and explores the value of certification in our industry.
Contact Cybersecurity Credentials Collaborative (C3) at: info@cybersecuritycc.org