News

Security Competency Gets Revamped

Microsoft revises Partner Competency, splitting it into two tracks for technical implementers and security management partners.

As a response to partners seeking help from Microsoft in its never-ending battle to keep customers secure, Microsoft Corp. says it has restructured the Security Solutions competency into two specializations with revised requirements.

In the process, Microsoft also sought an assist from outside its walls, partnering with two key security groups, the Information Systems Audit and Control Association (ISACA) and the International Information Systems Security Certification Consortium ((ISC)2).

Microsoft says it has taken a "technology agnostic" approach within its Security Solutions competency, splitting it into two specializations that address technical issues and the other that looks at security policy and risk management, governance, and auditing.

"Whether you’re working with Microsoft technology or providing security products, services or solutions — across the enterprise we want them to have a home in this program," said Thomas Dawkins, a group product manager involved in developing the security partner strategy, through a statement.

The technical track, Infrastructure Security, focuses on a partner's ability to implement and administer security measures to its customers. As part of the specialization's fulfillment, partners must have two employees on their staff who've earned IT security certifications. Microsoft this time around has tweaked the requirements: Rather than requiring staffers to both possess an MCSE: Security certification, Microsoft has added third-party certifications onto the requirements list.

Two of those certifications come from the (ISC)2, a vendor-supported security industry group that includes Microsoft among its board: Certified Information Systems Security Professional (CISSP) and Systems Security Certified Practitioner (SSCP).

Two others come from ISACA, an independent group who focuses on standards, IT governance, risk management and auditing: Certified Information Systems Auditor (CISA) and Certified Information Security Manager (CISM).

Employees who use those certifications toward fulfillment must also have passed Microsoft's exam 70-299: Implementing and Administering Security in a Microsoft Windows Server 2003 Network.

The other track targets a different kind of partner, one that Microsoft says is focused on providing security management services to its customers. The Security Management specialization, therefore is less technical and, in fact, doesn't require an MCSE: Security. Instead, the specialization requires two employees who've earned a CISSP, CISA, or CISM and have passed Microsoft exam 70-298: Designing Security for a Windows Server 2003 Network.

Both tracks also require three documented, security solutions-oriented customer references.

For details on the changes, go to https://partner.microsoft.com/global/competency/securitysolutions/40017158. To find out more about ISACA, go to http://www.isaca.org/. More on (ISC)2 can be found at https://www.isc2.org/.

About the Author

Michael Domingo has held several positions at 1105 Media, and is currently the editor in chief of Visual Studio Magazine.

Featured

  • Microsoft Offers Support Extensions for Exchange 2016 and 2019

    Microsoft has introduced a paid Extended Security Update (ESU) program for on-premises Exchange Server 2016 and 2019, offering a crucial safety cushion as both versions near their Oct. 14, 2025 end-of-support date.

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.