Tuesday, January 03, 2006

IT Security Certifications

During the last 2 weeks I have been doing some research into the available IT Security Certifications. To summarize, the prominent ones seem to be:

CISSP (from http://www.isc2.org/) - The CISSP seems to be the most renowned and sought-after security certification available today.
SSCP (from http://www.isc2.org/) - Can be seen as an intermediate certification for professionals not meeting the full requirements for CISSP yet.
Security+ (from http://www.comptia.org/) - Security+ is seen in general as a very good entry-level course. It can serve as a good stepping stone on the road towards CISSP.
GIAC (from http://www.giac.org/) - Certifications from the SANS Institute. Focuses more on hands-on technical experience, as opposed to the more theoretical approach taken by isc2.org.

I personally will start with the Security+ certification from CompTIA. Although one can jump into the "deep end" and pursue some of the more advanced certifications, I like the idea of establishing the basic concepts and then reinforcing them step-by-step, certification-by-certification. Some people will want to approach this differently - pursuing the certification more than the skills associated with it. I personally want to firmly embed the basics as I build a full set of skills.

Along the road, and coming soon to this blog, I am going to investigate a whole plethora of technical skills related to IT security. Expect to see some Assembler code as I investigate software vulnerabilities and develop the skills to write the exploits myself. I'll report on the tools I discover and my impressions of them, as well as some short tutorials or step-by-step guides.


