Which certifications will get you into Cybersecurity?

Home > Insights > Which certifications will get you into Cybersecurity?
Share this

If you’re seeking new direction in your IT career or you’re looking to specialise, now’s the time to consider a career in cybersecurity. Businesses are spending billions each year to ensure their data is protected from malicious attacks and this spend is projected to keep rising.

Demand is massive for qualified security professionals and certification is the obvious way to demonstrate your skills and knowledge. The five top certifications to add to your CV to help you launch your cybersecurity career are:

Microsoft Technology Associate (MTA) – Security Fundamentals

Aimed at high school and college students MTA Security Fundamentals is the most entry-level certification in this list, however it is also an excellent starting point for those who are looking to change careers. Included in the syllabus are core security principles, the basics of operating systems and network & software security. There are no prerequisites for this course, it provides a starting point to a future career in security but assumes some hands-on experience of things like Windows Server, firewalls, Windows networking and other security related products to improve your chances of passing the exam.

ISACA CSX – Cybersecurity Fundamentals Certificate

Known for its intermediate and advanced level courses such as Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA), The CSX Cybersecurity Fundamentals Certificate is quite new and aimed at entry-level employees or those in IT that need to know more about cybersecurity. The course covers concepts and domains such as network, system, application and data security, incident response and the security of evolving technologies.

These skills are in high demand as an epidemic of threats plague businesses around the world. This certification will help you to demonstrate your understanding of cybersecurity principles and add a qualification to your CV that will put you ahead of other candidates.

CompTIA Security+

Known the world over, CompTIA Security+ gives you the basic skills required to perform key security tasks. Topics covered on this course include threats, attacks & vulnerabilities, architecture & design, risk management, cryptography, identity & access management and technology tools.

CompTIA offer a number of different courses including Network+ which they advise taking before embarking on Security+. Due to the emphasis on practical skills they also recommend a couple of years’ experience in networking before taking the exam. In addition to the normal network and security admin jobs, CompTIA also reckon this course will set you up for Junior IT Auditor and Penetration Tester roles.

GIAC Information Security Fundamentals (GISF)

This certification although a foundation level course is aimed more towards system administrators and others whose roles already have existing IT security responsibility.  The objectives of this certification are similar to CompTIA Security+ but take you further than terminology and concepts and confirm your qualification for hands-on IT security roles. Therefore it is strongly advised that candidates taking this course have developed problem solving skills and hands on experience whether lab based or from a commercial environment.

As you might expect the cost for this course is more than the likes of CompTIA Security+ but will line you up nicely for the intermediate level course GIAC Security Essentials (GSEC), although this is a significant step further up the security ladder.

(ISC)2 Systems Security Certified Practitioner (SSCP)

Widely regarded as the world leader in cyber security (ISC)2 developed the CISSP for those aiming for higher-end roles in information security with the SSCP being the entry level certification. 

This course is normally taken by system auditors, system administrators, application programmers and project managers preparing for security centric roles such as security analyst, security engineer and security administrator, which begin at junior level in the main for those who don’t have technical IT or engineering experience.

To obtain SSCP certification there is one exam covering seven areas, or common bodies of knowledge (CBK), including access controls, security operations and administration, monitoring & analysis, risk response & recovery, cryptography, networks and communications security and malicious code and activity.

To assist in preparation for the exam there is a range of training aids including training courses, WebEx’s, workshops and written material. We suggest you make use of all of them.

Exam preparation

There are different ways to study for all of these certifications, so choose the one that works for you, although formal instructor lead training will obviously carry significant extra cost compared to on-line alternatives. It is important to devote your time to self-study and don’t forget to look on-line at vendor websites to take advantage of the many study guides available.

Moving forward

Don’t think it stops there. In the last year the industry has seen massive security breaches suffered by global enterprises such as Facebook with over 80 million records breached, massive losses suffered and resulting in negative press. Although shocking this has highlighted the need for top level cybersecurity IT professionals and boosted the job market in this area.

When considering potential information security candidates businesses always look for certification along with experience as a key competence measure with CEH (certified ethical hacker), CISM (certified information security manager), CISSP (certified information systems security professional) and GSEC (SANS GIAC security essentials considered to be leaders in the field of information security today. So once you have established your career in cybersecurity with initial certification we advise that you keep studying with the aim of obtaining one of these.