How to Prevent Fake Experience and Credentials While Hiring A CISSP Professional
Do you know buying a fake degree online is easier than getting the driver’s license? Although you may not like it, for less than $100, anyone can go online and find websites that help people get fake job references, produce false education credentials, and even create fiction companies by exploiting online presence to give the applicant an edge in getting hired. Recently a company in China was raided, and police arrested the whole gang for selling fake credentials. While more than a few people take advantage of this as they don’t want to spend their time learning and gaining experience before getting the credential, it ruins the market reputation of global-credentials. If you’ve ever had to look for the CISSP Professional for your organization then, you must know qualified individuals for the job are not always easy to find.
How do organizations become a victim?
As cyber-attacks around the world are skyrocketing in the pandemic, organizations are in the hassle to hire a cybersecurity expert with the right credential. Unfortunately, the urgent need to hire makes it tempting to skip the verification process. As a result, they can put the organization in a vulnerable position.
The digital expansion of the data has rapidly outpaced the design of a security protocol for the data. This makes it difficult to hire the right person for the job. Although the whole industry of cybersecurity is expected to grow by 22% through 2020, but that doesn’t mean you would hire the very first person that shows up with the CISSP credentials. Before you bring an applicant with CISSP credentials on-board, it is essential to understand how some individuals can fake credentials and how you can spot these fake credentials. This will ensure you are hiring the best professional for the position.
What to look for in a security professional?
The first thing you should look for in an IT security professional is education. The applicant you are about to hire must have a bachelor’s degree in computer science. In addition to the degree, the candidate must have a few industry-wide and vendor-specific credentials. Some to look for areas given below:
- Certified Information Systems Security Professional (CISSP)
- Cisco CCNA Security
- Certified Information Security Manager (CISM)
- Microsoft Certified Solutions Expert (MCSE)
- Certified Information Privacy Professional (CIPP)
- Offensive Security Web Expert (OSWE)
Acquiring most of these credentials requires at least one year of certification and training course at an accredited institute or extensive testing. These are not the only credentials in the industry, but the issue is while some credentials require extensive knowledge, others just require only basics. That’s why it is crucial to know the specific credentials you are aiming for while hiring the security professionals.
Having clear credentials in mind will make it easier to filter out the most suitable applicants for the job. Nevertheless, checking on these credentials might not be enough as there are a lot of services out there that are designed to stretch the right string at the right time.
Also Read: CISM vs. CISSP Certification: Which One Is the Right Career Choice for You?
How credentials get faked? How can you prevent it?
It is essential to strictly follow the verification process while hiring to fill any job profiles to prevent fraud. As a recruiter, you also need to understand how easy it is to fake a credential and even if you come across one how to spot it. Take CISSP certification and training course for an example- to ensure the credential is valid; the applicant may show a transcript or certificate. Still, a simple Google search will turn up hundreds of websites that offer fake certificates and even transcripts.
This is why you should never take the certification at face value. When you are performing the background check on the applicant, take note of the issuing body of the credential and the certification number. Most of the organizations offer a place on their website where you can validate the certification and ensure the person has completed his qualification from there.
Another thing you need to be aware of while hiring a CISSP professional is that he can provide fake numbers for references. So, rather than asking the applicant for the reference, search the organization online and call them; if no one picks up the phone, then it means they do not exist. In this digital era, almost every company has an online presence, and finding the company without any online presence indeed raises the suspicion.
In the end, you can always connect to ProICT Training to either hire qualified candidates or acquire CISSP certification and training courses for your existing employees. For further information, please visit the website.
Leave a Reply