If you want to change careers in the new year, a career in cybersecurity is a good call, as U.S. government agencies and businesses are spending billions to protect their assets and data from malicious attacks. Forbes estimates that $170 billion will be spent globally by 2020.
With this high demand for qualified security professionals, it is logical to get a certification to verify your knowledge and skills and to let your resume stand out from the rest. These five certifications could help launch your career in cybersecurity.
1. ISACA CSX Cybersecurity Fundamentals Certificate
ISACA is known in the security industry for certificates such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), and other certifications. The CSX Cybersecurity Fundamentals Certificate is a new addition to the ISACA program and was designed as an entry-level certificate. This certificate covers five cybersecurity-related domains:
- Architecture Principles
- Concepts
- Incident Response
- Data, Application, System and Network Security
- Evolving Technology Security
2. Microsoft Technology Associate (MTA) Security Fundamentals
The MTA Security Fundamentals is the most “entry-level” certification of those discussed in this article. It is aimed at early college and high school students and those already working but wanting to change careers. MTA Security Fundamentals recognizes knowledge of the basics of operating systems, network and software security, and core security principles. A single exam must be passed to achieve certification.
Microsoft recommends hands-on experience with Windows-based networking, Windows Server, and common security products (including firewalls) to improve the chances of obtaining the MTA Security Fundamentals certification.
3. GIAC Information Security Fundamentals (GISF)
GISF is aimed at information security officers, managers, and system administrators who require a solid overview of in-depth defense techniques, information assurance principles, security policies, risk management, and disaster recovery and business continuity plans. GISF exams cover similar topics as the CompTIA Security+, but GISF is seen as being more challenging. Hands-on experience gained through on-the-job experience or training is recommended, as GIAC exams require candidates to apply problem-solving skills and knowledge.
4. CompTIA Security+
The Security+ entry-level security certification is probably the best known security qualification. It covers a wide range of information assurance and security topics, including threats and vulnerabilities, network security, cryptography, access controls, host and data security, and risk management principles and application. This certification complies with the Federal Information Security Management Act (FISMA) and meets Directive 8570.01-M of the U.S. Department of Defense requirements. This is important for individuals wanting to work in IT security for the federal government.
CompTIA recommends that before taking the Security+ exam, candidates should achieve the Network+ credential and have two years of relevant experience. The Security+ certificate could lead to jobs such as network administrator, security specialist, and security administrator.
5. (ISC)2 Systems Security Certified Practitioner (SSCP)
The CISSP (Certified Information Systems Security Professional) from (ISC)2 is one of the most popular and recognizable security certificates available. (ISC)2 does, however, offer various certifications relating to security, including the entry-level ANSI-accredited SSCP. The CISSP certificate prepares candidates for jobs such as security administrator, network security engineer, and systems security analyst. Candidates that don’t already have engineering or technical related information technology experience typically start at the junior level with this certification.
A single exam must be passed to achieve the CISSP. It includes questions spanning seven common body of knowledge (CBK) domains:
- Security Operations and Administration
- Access Controls
- Incident Response and Recovery
- Risk Identification, Monitoring, and Analysis
- Systems and Application Security
- Network and Communications Security
- Cryptography
Preparing for Exams
Regardless of the certification that seems like the best fit for you, you should devote plenty of self-study time to achieve your goal. Many applicants prefer to use study guides together with practice tests and flashcards to prepare. For learning styles more conducive to formal instructor-led training, the costs and time required need to be factored in.