Attorney seeking GLEG cert?
I'm wondering what all is invovled in obtaining the GLEG certification and whther it would be worth pursuing?
Admittedly, I had no idea what a GLEG was and stumbled across this certification looking up NIST CF certs. I noticed SANs offers 5-day training courses, but I'm wondering is it possible to pass with self-study? I currently work in the Data Privacy Law field so I have a pretty good overview of many of the concepts offered in the training.
*ETA* My ultimate goal is likely a CPO role or chief privacy council. I'm currently a Data Privacy SME, being a lawyer is a second career, went to law school part-time evenings at age 35. Worked in IT 15+ years as a sys/network admin and IT Director.
Admittedly, I had no idea what a GLEG was and stumbled across this certification looking up NIST CF certs. I noticed SANs offers 5-day training courses, but I'm wondering is it possible to pass with self-study? I currently work in the Data Privacy Law field so I have a pretty good overview of many of the concepts offered in the training.
*ETA* My ultimate goal is likely a CPO role or chief privacy council. I'm currently a Data Privacy SME, being a lawyer is a second career, went to law school part-time evenings at age 35. Worked in IT 15+ years as a sys/network admin and IT Director.
Comments
-
MrsWilliams Member Posts: 192 ■■■■□□□□□□LAWYER2 said:I'm wondering what all is invovled in obtaining the GLEG certification and whther it would be worth pursuing?
Admittedly, I had no idea what a GLEG was and stumbled across this certification looking up NIST CF certs. I noticed SANs offers 5-day training courses, but I'm wondering is it possible to pass with self-study? I currently work in the Data Privacy Law field so I have a pretty good overview of many of the concepts offered in the training.
*ETA* My ultimate goal is likely a CPO role or chief privacy council. I'm currently a Data Privacy SME, being a lawyer is a second career, went to law school part-time evenings at age 35. Worked in IT 15+ years as a sys/network admin and IT Director.
The issue is, when you have the course materials and a home made index (based off the course materials), you can quickly go through the index and find the answer during the exam. If that doesn't work, you can go to your books where the answer is guaranteed to be at.
With self study, you take the vague exam objectives and try to cover as much as you can that they could possibly put on the exam.
I just took a GIAC exam yesterday. What I will tell you is with the self study price, which isn't horrible compared to the full on-demand and/or live courses...it would hurt to fail. If you fail then want to retake because you already invested the money, you are then at the price it would have cost to just pay out of pocket. Look at it that way ..The cost of the course is $5,730.
I personally think it's because it's less than a thousand GLEG certified people in the WORLD. SANS just doesn't cater towards North America. I will repeat that again, it's less than a thousand GLEG certified people in the WORLD. So, you have to look at your reasoning for taking the exam. If your reasoning is rationale, go for it. Popularity doesn't mean the course isn't adequate in providing material. It just means with the 50 other courses the Law of Data Security isn't the most popular.What's involved in obtaining the cert, you ask? Create an account on the sans portal, find whatever training option you want, pay online/over the phone/, wait for your materials to arrive. Not too difficult. You can always add the certification exam later on. It's no rush if you want to take a few months to understand what the course and exam is asking before purchasing an exam attempt.
Go for it -
JDMurray Admin Posts: 13,099 AdminThere might be a few legal people using the GIAC GLEC cert to give themselves cred as a cyberlaw practitioner. It could be another thing on your CV to justify your suitability as an expert witness too.
Are certifications used/recognized in the legal community? If so, what are some of the vendors who specialized in offering legal certifications?
-
LAWYER2 Member Posts: 37 ■■■□□□□□□□Thank you very much for the helpful input! I think I'm going to go for it. Certs aren't primarily used/recognized in the legal field, however there are specilizations that attorneys can be recognized for to stand out from other, I.e., an attorney who specializes in personal injury or med-mal. The American Bar Association does recognize Data Privacy Law as a specialization through the IAAP for lawyers who hold two or more privacy certifcations and have 3+ years of practice in that field. Many attorneys practicing Data Privacy law who hold IAAP CIPP/US/GDPR certs tend to stand out from others and are readily held out as experts through their firms. I also teach as an adjunct law professor and looking to design a privacy law corriculum an I think the GLEC cert will help add to that expertise. I spoke w/ Benjamin Wright who teaches the course, who is also an attorney, and he said many of the particpants are also practicing attorneys who work as in-house counsel.
-
Randy_Randerson Member Posts: 115 ■■■□□□□□□□GLEG holder here
Outside of probably 2 days, you're going to already know most of what else is discussed. Things like contracts and risk assessment you'll probably already know. Where it holds some good credence is with the examples of companies that had issues with cyber risk and lessons learned. Also GDPR and BYOD stuff was really good to know.
Let me know if you have any questions!