Top Cyber Security Certifications
March 3, 2015
Are you packing several cyber security certifications? The job market aches for experienced cyber security professionals who have the knowledge and endurance to combat countless attacks while protecting organizations. Over the last several years, security breaches have become so prevalent that the general public has started to lose confidence in the ability of businesses, universities, and even health care institutions to protect their information. No person’s sensitive info sits safely locked away.
The five certifications listed apply to professionals with varying experience and knowledge. Depending on where you want to go in the security world, these certifications may or may not give you the best chance of landing a fruitful job and career.
Everyone starts somewhere. The CompTIA Security+ certification provides a solid foundation of security concepts, technologies and practices for those looking to start a career in this field. According to Department of Defense Directive 8570 (DoDD 8570), Security+ is a requirement for employees of several federal agencies and military branches connected to the DoD.
In the commercial sector, the certification is not a requirement unless potential employers ask for it; companies such as Canon and Dell hire Security+ holders. Here is an expanded list of companies that hire CompTIA professionals.
Learn more about Security+ by reading these blog posts:
- What is Security+ (Plus)?
- Is CompTIA Security+ (Plus) Worth It?
- Ethical Hacking for Beginners: CompTIA Security+ or EC-Council CEH
- How to Pass the CompTIA Security+ (Plus) Exam
- Average CompTIA Security+ Salary in the DC-MD-VA Metro Area 
(ISC)²’s Certified Information Systems Security Professional (CISSP) is internationally recognized and accredited by ANSI. The certification requires at least five years of experience and covers several components of cyber security, including physical, network, and operational security. Similar to the CompTIA certifications, the CISSP is a vendor-neutral accreditation. Federal agencies and enterprises look for professionals with the certification.
CISSP covers ten IT security domains:
- Access Control
- Telecommunications and Network Security
- Information Security Governance and Risk Management
- Software Development Security
- Security Architecture and Design
- Operations Security
- Business Continuity and Disaster Recovery
- Legal, Regulations, Investigations, and Compliance
- Physical (Environmental) Security
CompTIA’s Advanced Security Practitioner (CASP+) certification addresses tangible and technical skills for the experienced cyber security professional. CASP+ requires no prerequisites to earn the certification, but people looking to take it should hold significant experience and preferably have a Security+ certification.
Watch this video to see what Claude Williams says about the differences between CISSP, CASP+ and CISM.
Are you a hacker at heart who likes to find holes and break things? EC-Council’s CEH course attempts to teach security professionals how to think like a black hat hacker. If you can see through the criminal’s eyes, you have the ability to stop them from breaking into your IT systems.
The demand for experienced white hat hackers stands at an all-time high. The CEH demonstrates your understanding of a pen tester’s tools and approach for identifying system vulnerabilities. Employers want security professionals with at least a CEH-level understanding.
The Certified Information Systems Manager (CISM) certification is relevant for IS managers who design, create and oversee security strategies, models and controls. CISM is intended for experienced security professionals with at least five years of experience. The exam takes place only three times a year and focuses on the following domains:
- Information Security Governance
- Information Risk Management
- Information Security Program Development and Management
- Incident Management and Response
If you plan on taking the exam, leave enough time to study or even take an exam prep course.
Remember, certifications alone don’t make a person a good IT security professional capable of protecting systems from attacks. It only takes one black hat to gain access to your system. Whatever training you take, remember that you must continue to learn outside of the classroom. Continued learning is vital in information technology, especially cyber security.
IT security professionals also need to know how to handle the damage afterward.