The variety of options in the cyber security certification course market can be difficult for the average professional to sift through. That is why careful consideration should be given to your situation: your current skill level, your target role, your industry, and how employers in your region go about things. Use this guide to develop a solid decision framework that works for your situation.
Target Your Role First
Formulate a single, clear question: “What role do I want, and what certifications are listed in job postings for that role?” Then spend an hour poring over job postings for your target role on LinkedIn, Indeed, or Naukri. Identify the certifications that are listed in the postings. This question lets you tune out marketing gimmicks and direct your efforts toward what the market demands for your target role.
Consider this: If your target is a SOC analyst role, the certifications you should be focused on are Security+, CySA+, and the Security Operations. If your target is a cloud security role, the same can be said for cloud platform security certifications, CCSP, and the AWS Security Specialty. In the end, let the job market guide which certifications you prioritize.
The Beginner Track
If you have less than 2 years of experience working in the cybersecurity field, the ideal certification path is CompTIA A+ and Network+ (only if you have no grounding in IT), then CompTIA Security+ as your first dedicated cybersecurity certification. Security+ certifies that you understand the basics of a broad field and is the most regarded certification in the industry. If you add a hands-on learning platform, you can show you have the skills for beginner-level job applications.
Security+ is one certification you should aim for as a beginner, and you should not move toward other specializations before you have the foundation that it covers.
The Intermediate Track
Once you have 2-3 years of experience along with the Security+ certification, you can pursue the more advanced, specialized certifications. If you are looking for defensive security and SOC roles, begin with CySA+ and then pursue GCIA (GIAC Certified Intrusion Analyst) or GCIH (GIAC Certified Incident Handler). If you are interested in offensive security and penetration testing, you can start with CEH as a base and move to OSCP, the more advanced, practical credential. If you want to work in cloud security, pursue ISC2 CCSP or the security certification of the specific cloud platform. If you want to work in governance and compliance, pursue ISACA's certifications, CISM or CRISC.
The Experienced Professional Track
Professionals with five or more years of experience should be considering the CISSP if they haven’t done so already. CISSP is basically the entrance ticket to becoming a security director, CISO, or senior consultant. On top of CISSP, specialization in a sought-after area through CCSP, GSSP, or other certifications is essential to prime a professional for the most senior positions in the most lucrative domains (e.g., cloud security, identity & access management, application security, or threat intelligence).
What Makes a Good Certification Course?
No matter the credential, the quality of the prep course is paramount. A quality CISSP prep course has up-to-date information on the current exam objectives, hands-on lab exercises that help you acquire both practical and theoretical concepts, high-quality practice exams in the same style and at the same difficulty level as the actual exam, and an instructor who has real-world experience as a practitioner in addition to holding an academic qualification.
Steer clear of courses that focus heavily on rote learning and those that have not been revised in the last 12 to 18 months. Exam content changes as threats evolve, and prep resources that are out of sync leave a lot to be desired and create knowledge gaps that hurt you on exam day.
Selecting Certification Based on Learning Style
CISSP and Security+ suit course-driven preparers. OSCP and GIAC suit lab-centric preparers. Recognize which you are and take your pick. Practically minded candidates thrive with Offensive Security and GIAC credentials that demand hands-on application. Alternatively, those who do better in a classroom setting are likely to do well with the CompTIA and ISC2 paths.
Determining the right certification is about career goals, current cyber security skills, and learning style. Choosing well saves the money and time you invest in preparation.
