With growing concern worldwide for the security of digital assets and increased activity by threat actors and fraudsters, cybersecurity professionals are in high demand. Let’s look at the recognized types of cybersecurity certification, what training and career opportunities are available, what employers are looking for, and how long it takes to get your cybersecurity certificate.
Cybersecurity Career Opportunities
Cybersecurity Ventures predicts the cost of global cybercrime will grow from $6 trillion in 2021 to $10.5 trillion by 2025. In addition, the company projects spending on cybersecurity services for businesses and consumers to total more than $1.5 trillion between 2021 and 2025.
Even more alarmingly, Cybersecurity Ventures reported 3.5 million unfilled cybersecurity jobs worldwide in 2021, up 350% from 2013. In the US alone, an estimated 450,000 cybersecurity jobs went unfilled last year, despite more than 950,000 jobs in the sector. While that’s a problem for business, it’s also an opportunity for IT pros.
Types of Cybersecurity Certification
There are three paths to getting your certification in cybersecurity – an entry-level certificate, cybersecurity accreditation from a recognized IT organization, or a college or university degree. We’ll focus on what you need for a certificate, the additional steps to gain recognized certifications from leading IT professional groups, and how long it takes to acquire each.
Certificates range widely in cost and may require undergraduate or graduate-level coursework. Certificates are usually awarded after completing an educational program at a college, university, or private training facility. Some large organizations like Microsoft, Google, and IBM also offer in-house training.
Some cybersecurity certificates require as little as 12 to 18 credit hours, although some higher-level studies may take several years to complete. Often, no prerequisites are needed to start a certificate program, but tuition and books can be expensive depending on the college or university.
Many certifications can be earned without coursework but require one or several exams to test an IT pro’s knowledge, skills and capabilities. Professional or industry organizations typically require continuing education units (CEUs) to maintain certification and ensure members stay current with new industry developments and innovations.
A certification exam only takes hours or half a day. Still, applicants may need to study rigorously for several months in advance, following a suggested reading and study program to ensure a passing grade. Each exam carries fees for applications, materials, and study guides, plus additional fees if a rewrite is needed to pass.
Certification is a popular route for busy, experienced IT professionals, and many companies will assist with fees to promote professional development and skill-building.
What Cybersecurity Jobs Are Available?
While Certified Information Systems Security Professionals (CISSPs) number more than 90,000 in the US, employers had more than 106,000 openings requiring CISSP certification. Just 17,000 IT pros held Certified Information Security Manager (CISM) certification in the US, while another 40,000 jobs required it as employers compete to find cybersecurity talent.
Jobs in the sector typically range from the C-suite to hands-on cybersecurity managers and professionals with titles including Chief Information Security Officer (CISO), security architect, cybersecurity engineer, malware analyst, penetration tester, and computer forensic analyst.
Seven Common Cybersecurity Certifications
The IT industry favors several different certifications to encourage consistent standards and skills. According to Burning Glass, 59% of cybersecurity positions require at least one certification.
The foundation-level certificates include:
- Certified Ethical Hacker (CEH) – formal training or minimum of two years’ experience before taking the CEH exam
- Certified Information Security Manager (CISM) – offered by ISACA; covers IT security audit control, assurance, and security
- Certified Information Systems Security Professional (CISSP) – five years of full-time experience plus varied common body of knowledge (CBK)
- Certified Cloud Security Professional (CCSP) – offered by (ISC)²; requires a minimum of five years’ experience with two years in security and core CBK
- Systems Security Certified Practitioner (SSCP) – requires just one year of experience and core CBK
- EC-Council Certified Security Analyst (ECSA) – focuses on penetration testing and similar prerequisites to CEH
- Licensed Penetration Tester (LPT) – requires CEH, ECSA or both
- CompTIA Security+ – no prerequisites before an exam; core certifications include CompTIA IT Fundamentals, CompTIA A+, CompTIA Network+, and CompTIA Security+
- Global Information Assurance Certifications (GIAC) – no prerequisites; two additional certifications include GIAC Mobile Device Security Analyst (GMOB) and GIAC Certified Forensic Analyst (GCFA).
Information on prerequisites, courses, standards, and certifications is available from educational institutions and the respective professional associations.
What Do Cybersecurity Pros Earn?
Salaries for these in-demand IT pros are attractive, and certification increases your competitiveness for a position.
According to Payscale, annual median base salaries excluding bonuses include CISO ($166,000), security architects or penetration testers ($125,630), cybersecurity engineers ($97,607), malware analysts ($92,882), and computer forensic analysts ($75,120).
Cybersecurity Credentials Count
Here’s a quick list of the preferred cybersecurity certifications for each of these leading IT security roles:
- CISO – CISM or CISSP certification, an MBA or university degree, and substantial IT industry experience
- Security Architect – typically CompTIA Security+ and CISSP with a degree in computer science or information technology
- Cybersecurity Engineer – CEH and CompTIA Security+
- Penetration Tester – CEH, LPT, Offensive Security Certified Professional (OSCP), or Certified Expert Penetration Tester (CEPT)
- Malware Analyst – GIAC Reverse Engineering Malware (GREM) certification
- Forensics Analyst – Certified Forensic Computer Examiner (CFCE) and Certified Computer Examiner (CCE).
Which Cybersecurity Certification Is Best for You?
The best cybersecurity certificate varies for every IT professional depending on your interests, years of industry experience, time available, budget, and career ambitions.
For cybersecurity professionals, the proper certification helps you compete for the next career opportunity. A cybersecurity certificate enables you to gain knowledge early in your career, gain status, earn recognition, and potentially take a step up in your IT career.
For employers, hiring a certified cybersecurity expert ensures a level of knowledge and experience that raises your organization’s capability to protect against and respond to the growing number of cybersecurity threats. One thing is certain – the demand for cybersecurity skills is growing in leaps and bounds.