The #1 Resource On The Web For Cyber Security Information, Education, & Jobs

IT Security Certifications – Do You Really Need Them?

02I51136

Cyber Security Certifications –  Your Ultimate Guide Right Here

A degree alone isn’t going to put you on the top places in your career. Sometimes big name companies will demand that you acquire certifications that prove your skills in a particular field. These skills can only be acquired through IT security certifications. These certifications are particularly helpful when you’re planning to change your job, or the competition has become too dense and you need an edge, or when you just want to gain some experience in career in order to move up the ladder.

There are many certifications available. A lot of them will be listed in this page along with resources to where you can find more information on them.

Below are the fundamentals and basics of cybersecurity certifications. If you are already aware of the basics, skip to the major certification organizations section where you’ll find a list of complete certifications available to you.

Important Note: Looking for a relevant certification in IT security? Check our Career Guide on the jobs page to learn more.

Also we just updated our Best Cyber Security Certifications for 2017 Picks >>>

 

 

Everything You Need To Know About Security Certifications

Fundamentals And Basics

Cyber Security Certifications come in all shapes and sizes. These certifications can cover anything from ethical hacking, to digital forensics and intrusion – the choice is yours. Most of these certifications are independently administered by accrediting organizations like EC Council, ISACA, GIAC, (ISC)2 and CompTIA.

These accrediting organizations have divided most of their programs into three very specific categories:

Entry Level – Designed to get you into basics. You learn about best practices, latest technologies, foundation principles and important tools to use.

Intermediate and Expert Levels – Designed for those who already have a very good understanding of their job and have valid experiences in their industry. Most programs touch on the minute details of the subject in hand.

Common things to know about certifications regardless of their subject or expertise level:

  • All IT security certifications are usable across many different jobs and organizations.
  • Certifications need to be renewed every 3 or 4 years.
  • The credentialing process includes a final exam and at least some sort of prior training.
  • In order to be re-accredited, you will need continuing education credits. You must pass a new exam every time for your desired certification.

The Required Commitments And Expected Costs

Cyber Security Certifications can be taken on and completed at any time of your life. You don’t have to be a graduate to do any of these certifications. If you’ve got the skills and the talent, you can take on these certifications even when you’re an undergraduate. A successful credential will boost your resume by making it more appealing to HR managers.

The only problem is that Certification isn’t really cheap or isn’t something you can do in just a few months. Most certifications will consume as many as 3-9 months to complete and may cost you anywhere from $300 – $600 to sit for the exam.

If you’re really, really serious about getting a certification, then we have good news for you. You may not have to pay for the certification since many universities and employers can frequently help out in paying the bills if they see you’ve got the flare and passion for the work you do.

This is evident from a 2014 Survey of Cybersecurity Trends by Sans, which noted:

  • 15% of employers shared the costs of certification for their employees
  • 65% of employees reported that their employers paid the full amount for training and certifications.

You can also ask your accrediting body for different funding options. Under the G.I. Bill, the U.S Department Of Veterans Affairs has approved reimbursements for select certifications.

Certifications are really worth the time and effort. If you successfully complete a certification, it can lead to immediate promotions,  or better job positions or these can even trigger a raise in your current job position. The SANS survey linked above also noted that many people completing a certification reported as much as 5% raise.

Selecting The Right Certification

Choosing the right certification depends on a lot of different factors. For example, are you a beginner or an expert in your field? This is an important question when selecting a certification.

For beginners, we recommend starting with the three most well known beginner certifications:

Have an indepth look at these certifications and compare them together. But if you need a short recommendation, you should consider GSEC because of its solid reputation within the IT industry. it is also approved for DoD 8570 Baseline Information Assurance.

Also, don’t overlook the CompTIA Security+ certification because it is one of the most well known certifications for beginners. It has been listed down as one of the 5 Top Information Security Certifications for 2016 by Tom’s IT Pro.

Once you have gone through a number of certifications, it will come down to your expertise level and subject of interest. For example, if you happen to be interested in Penetration Testing, you would probably want a certification with GIAC GPEN.

Want to know more about the popular certifications in your industry? Look below:

In July 2015, CIO did a survey of cyber security certification demands and found out that CISSP, CSA/LPT, GPEN and others were the top 8 requested certifications by employers.

To end this section, we want to strongly encourage you to start with an entry level program under a popular organization and then move onto their advanced credentials. But If you’ve got the knowledge, the flare and the talent, you don’t necessarily need to start at the entry level. Whenever starting a certification, look for the prerequisites on the fine print to learn if you are eligible without taking an entry level certification.

Department Of Defense Directive 8570 Requirement

In 2004, the Department Of Defense found out some problems within the system. No training process was offered in place for any of its security personnel. In short, they had very little understanding whether their IT administrators, managers, directors and technicians had the qualifications to handle the tasks required.

For this, the DoD came up with the Department of Defense Directive 8570. It was announced way back in August 2004 and was implemented the next year in December . The directive launched by DoD ensured that the cyber task force available within were ready for the battlefield.

Basically, it was:

  • Made it necessary for IA certification to be accredited by ANSI or by any equivalent authorized body that was under ISO/IEC Standard 17024.
  • Mandated all baseline professional certifications for any and all of its IA (Information Assurance) positions.
  • It was applied to anyone who had access to the DoD systems. This included civilian contractors, military personnel and as well as foreign employees.

These IA positions were distributed into five categories, which are:

  1. Information Assurance Manager (IAM)
  2. Information Assurance Technician (IAT)
  3. Information Assurance System Architecture & Engineering (IASAE)
  4. Computer Network Defense (CND)
  5. Computing Environment (CE)

The categories were then appropriately split between levels of expertise and proficiency. For example, the requirement for any baseline certification depended on what level you were at.

For example, if you are an IAT, you may require Security+ at level 2 but an IAM on the other hand would need CISSP at level 3. View the chart of requirements of DoD 8570 certification at (ISC)2).

Department Of Defense Directive 8140 Requirement

With the expansion of cyberspace into mobile, cloud and wireless, the original DoD 8570 categories quickly become outdated. Department of Defense Directive 8140, which is also known as Information Assurance Workforce Improvement Program, was issued instead to address the problem.

This directive didn’t include categorical job titles, instead it created 7 categories under the National Initiative for Cybersecurity Education (NICE). They are:

  1. Maintain and Operate
  2. Security Provision
  3. Analyze
  4. Protect & Defend
  5. Oversight & Development
  6. Operate & Collect
  7. Investigate

Each category has a number of different jobs and tasks within. For example, if you aim for the Analyze category, you can go for Cyber Threat Analysis, All-Source Analysis and Targets and Exploitation Analysis.

Further Security Certification Resources

Need more information on IT security certifications? This section will provide you with popular external sources where you can learn more about them.

NICCS Cybersecurity Education and Training Catalog

NICCS is known to maintain an updated list of nearly all cyber security and its related training and educational courses offered within the U.S. Have a look at their extensive catalog which contains over 1200+ courses. You can also search on the website with relevant delivery method, proficiency level and specialty area.

Tom’s IT PRo

There are plenty of useful blog posts and articles about security certifications available on Tom’s IT PRo. If you are looking for expert advice, try the page that lists down the advice of Ed Tittel. This page provides with excellent career guidance in IT security regardless of where you live.

Blog On Security Certification By Josh More

The blog provides an excellent insight on pros and cons of different certifications. This is an extremely interesting read for anyone who want to know more about security certifications. Josh uses a unique mathematical method that helps in assessing in the learning value of any given qualification.

Open Source Cyber Security Learning At Cybrary

Cybrary.it is the number one place to go if you want free training courses. The website, founded by Ralph Sita and Ryan Corey is collection of free courses that are intended to train you for cyber security certifications. For example, if you want to prepare for CompTIA certification, you can enroll in Cybrary’s free CompTIA A+ certification training course. There is a very active forum where you can find further help through experts and students alike.

More Security Certification Organizations

This section contains information on 13 cyber security certification bodies. We’ll add a couple of notes on few of the resources to help you understand what they offer.

The below cyber security certification bodies are also listed down on the website of National Initiative for Cybersecurity Education (NICE). Bodies like EC Council, GIAC, CompTIA, ISACA and (ISC)2 are members of the C3 (Cybersecurity Credentials Collaborative). The C3 is an effort to promote and bring awareness to IT professionals on benefits of different certifications.

Please note that this isn’t considered as the complete list. For example, there are some certifications missing such as the SPED Certification program that is run through the Center For Development of Security Excellence.

If you are still not sure which certification to take on, try and get involved with your network. Talk to your employer, professor, senior colleagues or even senior students. They have a strong sense of important certifications and might guide you better in gaining a qualification worth your time, effort and investment.

Note: Before taking any security certification, check the official website for more information on updated exam fees and renewal periods. These two factors can be changed by the bodies any time without notice.

The 13 Cyber Security Certification Bodies

CISCO

CISCO isn’t a vendor-neutral certification body but we still added it to the list of security certification bodies because the Department of Defense (DoD) has approved the CCNA Security Certification offered by CISCO for the DoD Information Assurance Technician Levels I and II.

The body has accreditations tiered into 4 levels of expertise:

The CCENT is the most basic certification offered by CISCO. It will cover everything from network fundamentals to basic network security. If you clear it, you will be certified to install, operate and troubleshoot any small level enterprise branch network.

CCNA is the most popular certification offered by CISCO. This is an associate level qualification. It is all about defending and securing Cisco networks. The requirements need you to show knowledge of core installations/monitoring/troubleshooting of network devices and all Cisco security structures and core security technologies.

After these two initial certifications, you can opt to go through CCNP security. This certification is specifically aligned for Cisco Network Security Engineer Role.

Alternatively, you can choose to do CCIE Security. It has nothing to do with any formal prerequisites. Instead, like a lot other top tiered certifications in cyber security, you will have to sit for a written qualification exam and do a corresponding hands on lab examination. Cisco highly recommends having at least 3-5 years of experience in a cyber security job position before attempting the certification and exam.

Note: CCNA Security is an accredited certification for ANSI/ISO/IEC Standard 17024

CERT Program

The CERT Program is a division of Software Engineering Institute (SEI). It also partners with the industry, law enforcement, DHS and academia to fight back large scale cyber threats which are sophisticated in nature.

There are two SEI security focused certifications available.

The latter certification is optimized for professionals who are in a computer security incident response team. The training modules include best practices related to most incident handling and management.

Note: SEI terminated its accreditation with ANSI in 2013. This means that the CERT-CISH isn’t approved anymore under the DoD 8570 baseline certification. If you want to have your DoD 8570/8140 requirement met, you will need to find another program.

CompTIA

For vendor-neutral IT certifications, CompTIA is the best place to go. They offer as many as 16 certification exams in subjects like networking, Linux, cloud, Security, Servers and many others.

They’re most notable accreditations include:

As mentioned during the start of this resource page, the CompTIA Security+ is an excellent baseline certification for managing risk and securing network. It also meets the requirements of IAT and IAM levels set by DoD 8570 directive.

For advanced level security skills and knowledge, IT professionals should look out for CASP. It is specifically applicable for IT specialists, security architects/ISSO, risk analysts and managers, ethical hackers and penetration testers.

In order to take the exam for CASP, an IT professional should have at least 10 years of experience in IT administration. This should include at least 5 years of experience in security.

Without having any such prerequisite, the CASP program builds upon the CompTIA Security+. It is also approved for IAT and IAM certification requirements under DoD.

Note: All three mentioned security certifications in this section are accredited with ANSI/ISO/IEC Standard 17024.

CWNP: Certified Wireless Network Professional

CWNP offers a series of training programs and exams that are vendor-neutral. This body was founded in 1999 and now has many certifications available including 4 levels of professional career oriented certifications for Enterprise level Wi-Fi.

They’re most relevant qualifications for security include:

The CWSP program is a mid-tier certification that enables an IT professional to help security Enterprise level Wi-Fi networks from hacking attempts regardless of the equipment being used. In order to earn the CWSP credential, you need to have a valid CWNA credential.

CWNE is a more open ended and high tier qualification. The program takes you into much more than security. With this, you are geared to do almost anything you want to with wireless network systems.

In order to get CWNE you must have job experience in protocol analysis, performance and QoS analysis, advanced design, intrusion detection and prevention and spectrum analysis and management.

DRI International

DRI International was founded in 1988 as a non-profit organization that provides global certifications and education in disaster recovery planning and business continuity. There are more than 12,000 certified professionals active worldwide.

The most notable certification by DRII is the intermediate level CBCP: Certified Business Continuity Professional

The above certification is a follow up to associate level ABCP and goes towards the expert level MBCP. DRII also has tiered certifications in Certified Specialists forHealthcare, Public Sector and Auditor, Certified Risk Management and Certified Vendor.

Keep in mind that the DRII process is quite thorough, so time commitment required is usually high. Their CBCP program includes a qualifying exam, an application essay and references. In order to take the exam, you need to have more than two years of experience in business disaster recovery/continuity industry. This experience has to be recent.

Note: DRII maintains directories for both DRII certified vendors and professionals occasionally.

GIAC: Global Information Assurance Certification

GIAC was founded by SANS in 1999 and offers around 20 job based cyber security certifications. These include forensics, assessments in information security and software security.

Their most notable certifications include:

As mentioned in the very beginning of this page, the GSEC is a very solid beginner level credential. The course includes of a proctored exam where each candidate is expected to demonstrate basic understanding of key security techniques and concepts like Honeypots, TCP, Linux, DNS etc.

For more advanced qualifications, look no further than the GPEN and GCIH. GPEN was made for security professionals who are tasked with finding any vulnerabilities in systems and targeted networks. GCIH on the other hand is for incident handlers that focuses on responding and resolving computer security incidents and as well as detecting them.

The most advanced and top tiered certification is GSE: GIAC Security Expert.

This is a first class accreditation that is somewhat closest in equivalence to CISSP. The exams expects the candidates to show that they have mastered all the skills required by top individual practitioners and security consultants.

You do not need any specific training for any of the GIAC certification. You can obtain information via your practical experiences or by taking courses up with SANS and other like-minded training partners. If you score high in the exam, you will gain access to exclusive high level mailing list. Having at least one certification in your hand enables you to take on the GIAC Gold Status. This is an excellent self-promotion tools to add in a resume.

Note: All three certifications mentioned in this section are accredited certifications for ANSI/ISO/IEC Standard 17024. For more information on other certifications and their accreditations, have a look at GIAC’s ANSI Accreditations.

EC-Council: International Council Of Electronic Commerce Consultants

EC-Council has a very extensive range of IT security certifications. These include training in network, internet/computer security and information. All courses are offered through the internet via iClass. The lectures are led by live instructors.

Their most notable course is the CEH: Certified Ethical Hacker

The CEH is an intermediate level course that allows candidates to learn to test, scan, hack and protect their systems. The course has a lot of content which is covered in 5 days followed by a multiple choice exam for 4 hours.

Although this certification is listed in the requirement for top paying job positions, it is still disliked by many security practitioners who share negative thoughts about EC-Council. This means that they will mostly be biased against anyone who holds a certification from the body.

However, as mentioned earlier, many hackers who favor Mile2’s CPTE, IACRB’s CPT or CEH have consistently appeared in lists of top paying hacking certifications.

But before taking on this certification, get involved with your network and talk about it. You could talk to your professor, senior students or colleagues and then take a decision.

Note: CEH is accredited by ANSI/ISO/IEC Standard 17024

ISACA

The ISACA is a non profit organization working globally to provides benchmarks, practical guidance and necessary tools for enterprises that use high end information systems. The ISACA is known for hosting a knowledge center where members of the body can participate in shared interest groups, communities, discussion and document sharing. Additionally, it has a Cybersecurity Nexus (CSX), a central location for all cybersecurity research, guidance, certifications and education. The body has been around for a very long time and holds a very high reputation.

Certifications offered by ISACA include CGEIT, CRISC, CISA and CISM: Certified Information Security Manager.

CISM has been named one of the Best Information Security Certifications for 2015-2016 by Tom’s IT Pro Ed Tittel’s list.

CISM is exclusively designed for experienced management professionals who oversee, design and access an enterprise information security. In practice, job areas include risk management,  incident management, compliance, governance, program development and management.

CISM isn’t very easy. You have to pass the exam and as well as submit a written application and agree to the code of Professional Ethics by ISACA. You also must possess a minimum 5 years of relevant work experience should you wish to gain their accreditation.

Note: CISM is accredited by ANSI/ISO/IEC Standard 17024.

(ISC)2: International Information Systems Security Certification Consortium, Inc

If you are looking for a large number of cyber security certifications, look no further than (ISC)2. They’re certifications include CAP, SSCP, CISSP and many more. Becoming a member with the body makes you eligible to have access to a large number of extensive and useful resources that include networking, job boards, e-Symposium and a Chapter Program. This program allows peers to share their resources, collaborate on different projects and share knowledge .

(ISC)2’s most notable certification which is also globally recognized is the CISSP: Certified Information Systems Security Professional.

Those who hold the CISSP certification can work as directors of security, security managers, security analysts, network architects and many other senior management roles. The program consists of 10 domains which include network and operations security, access control, legal issues, governance and risk management and much more.

You also have the option to take on a concentration from the following:

In order to take the exam, you must have at least 5 years of experience in a relevant position. You will also have to agree to the (ISC)2 code of ethics. Your application must be approved and endorsed by (ISC)2 certified professional.

Note: (ISC)2 meets the requirements of ANSI/ISO/IEC Standard 17024.

IACRB: Information Assurance Certification Review Board

IACRB is another non profit organization that offers a number of different certifications that meet a wide number of job descriptions like Reverse Engineering, Penetration Tester, Data Recoverer and more.

They’re certifications that are important are direct competitors to EC-Council’s CEH qualification. These are

CPT is the basic certification while CEPT is more tuned towards expert level.

CPT is designed to make you deal with pentesting domains like Windows/Linux/Unix exploits, network protocol attacks and wireless security.

CEPT takes everything in CPT to the next level and looks deeper into shellcodes, attacks and recon and memory corruption.

Both the certifications have a multiple choice exam that is followed by a practical that can be taken home. In order to become accredited, the candidates are expected to successfully finish three penetration challenges.

Mile2

Mile2 has a number of training programs and cyber security certifications that include CISSO, an alternative to CISSP. All coursework offered by Mile2 is approved by Committee on National Security Systems (CNSS) National Training standards.

Mile2 is also a direct competitor to IACRB’s CPT and EC-Council’s CEH certifications. Their hacking certifications include:

You need to have at least 1 year of experience in networking technologies if you want to go for CPTE. The certification requires all candidates to complete a real world, real time training for 20 hours. They must then pass a follow up multiple choice exam.

CPTC is an advanced certification that is only meant for Chief Security Officers, IT Managers and Security Consultants. It consists of a 6 hour practical exam that requires the candidates to complete a vulnerability assessment. A full penetration test on 2 IPs is also included. The candidates have 60 days to write a penetration test report and turn it in.

Note: CPTE and CPTC are approved courses for NICCS

MI: McAfee Institute

McAfee Institute specializes in providing real time, real world training and job development programs for any IT professionals that are involved with law enforcement and fraud.

They’re crime related security certification are:

Candidates have to pass a final exam after going through their online training.

MI has partnered with Department of Homeland Security in order to implement the Workforce Framework. You can also access their advisory board members page.

Note: McAfee Institute’s certifications may not be right for you because they do not have long standing reputation in the industry like other accreditation bodies. So you may wish to talk to experienced individuals before taking a decision.

Offensive Security

Offensive Security is a private company that offers many training courses, certifications and penetration testing services. The people behind the company are the founders, funders and developers of the popular Kali Linux, the direct successor to BlackTrack Linux. For those of you who are not aware of it, Kali Linux is an auditing  operating system and toolkit. They also have tons of other community projects.

Offensive Security offers OSCP: Offensive Security Certified Professional which is highly recommended if you’re a Penetration Tester who is looking for a high end certification. It is a set of different certifications that requires a lot of practical ethical hacking/penetration testing skills and knowledge. In order to clear the exam, you are allowed 24 hours to compromise a network that is vulnerable. Once completed, you are expected to file an in depth report about the penetration test and the PWK labs and network.

Other information security certifications are also offered by OS. These include the advanced certification OSCE: Offensive Security Certified Expert. In the industry however, OSCP has better reputation.

Note: Clearing OSCP exam awards you with 40 (ISC)2 CPE credits.

Lavina Bentley

Lavina Bentley

Contributor at Cyber Security Portal
I grew up on the east coast and have always been a fan of technology. It just always came easy to me. Being a woman and knowing about computers in the early days was a rarity, but now I am here to write about it and inform.
Lavina Bentley