Home
Certification Preparation
General Certification
ITIL Beneficial within Cyber Security?
Infosec85
Hello folks,
As the title suggests is the above certification beneficial within I.T security.
I have to be honest and say I don't know much about it, other than it relates to best practices etc. I've always assumed it was more a managerial sort of certification.
However looking at job descriptions for infosec roles I have seen it popping up quite a lot.
Can someone elaborate?
Many thanks!
Find more posts tagged with
Comments
OctalDump
ITIL Foundation is good for anyone working in IT. It deals with how IT relates to business, which is really fundamental to delivering useful IT services. So even if you are the 'lowly' info sec guy managing firewalls, or trawling alerts from a SIEM, being able to ensure that the service you deliver is appropriate to the organisation's strategy is a good thing. Like other areas of IT, there is a risk to get carried away and deliver services that aren't entirely right for the company.
ITIL provides a framework for IT to give the business what it needs, and also to help IT articulate what they can offer in a language that business can better understand.
There is some value in higher level ITIL certifications for certain info sec roles. They deal with the management and delivery of IT services, which necessarily encompasses security. The CIA triad is fairly fundamental to IT services.
Axelos, the people that run ITIL, also have a security framework, Resilia, which integrates with ITIL. However, I haven't seen that it has much visibility.
Infosec85
Thanks appreciate the insight
Chinook
If you were a straight up pen-tester, probably not. If you're working in a larger company, government or hospital, yes it would. It can never hurt to have ITIL under your belt.
stryder144
ITIL is beneficial though not necessarily directly "cyber". I would recommend getting the Foundation cert then work on ISACA's
COBIT
. Give the link a read through, you might find it useful.
DatabaseHead
@Stryder
- Good call on ISACA (COBIT). I would consider looking into it myself if I was the OP.
jibbajabba
ITIL is good for any job assuming the company is implementing it. If the company isn't implementing ITIL then you are on your own
mbarrett
jibbajabba
wrote:
»
ITIL is good for any job assuming the company is implementing it.
It will give you an edge to get in the door of those companies that do. I see a lot of people asking for it by name - it can't hurt, and might actually help in the long run.
As for the content itself, I can't speak to it because I'm not that familiar, other than it will give good insight into best practices, etc. which can be more useful on the compliance side. Not so useful if you are more on the technical side.
Pmorgan2
ITIL and COBIT appear to be pretty good for most IT professionals. It helps show that you can be a member of the team, not just the IT guy. I think integrating your role into the business model, interacting with other functions in a business, and being able to quantitate the impact of your actions on the business mission are "soft skills" all companies want. ITIL and COBIT appear to try to put those soft skills into a common framework and certify the knowledge.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
