IT security or cyber security is all about securing information, be it personal, professional, corporate, or governmental. With almost every aspect of our lives going online, every shred of information about each one of us will exist in cyber space. The most critical of this is information that can cause financial impact or personal harm.
The rapid growth of technology brings the dangerous challenge of ensuring that information security keeps up. The swiftly expanding IT security market faces a shortage of skilled professionals with the right blend of experience and certification to take on the responsibility of securing information. While experience is a matter of time, certification is important to validate the credentials of a professional to the company that is hiring.
It is imperative for any professional in the IT security space to have a certification that is commensurate with the job they intend to undertake. It is important that professionals evaluate their own skill sets at every juncture in their career and choose a certification to match their own requirements for career progress. Here we look at 10 of the certifications available to an IT/Cyber Security professional.
GSEC (GIAC Security Essentials)
A leading developer and provider of cyber security certification is the GSEC, or Global Information Assurance Certification Security Essentials, which has global recognition from corporate, military and government bodies. Designed for professionals with knowledge of information security concepts and terminology, it validates their competence in applying technical expertise and skill in real-world security scenarios.
GSEC professionals are technically skilled in access control, password management, authentication, cryptography fundamentals, IPv6, Linux, ICMP, network mapping, network protocols, and the identification and prevention of wireless attacks. The certification exams authenticate the professional’s abilities in areas of security such as forensics, security admin, management, legal and audits.
The certification is ideal for candidates who have IT security knowledge beyond concepts and terminology. There are no prerequisites besides this to take the GIAC exam.
CISSP (Certified Information Systems Security Professional)
The International Information Systems Security Certification Consortium, also known as (ISC)2, is an internationally recognized and renowned organization for the certification of IT/Cyber security professionals. The Certified Information Systems Security Professional (CISSP) is one of the key certifications from this body.
It is aimed at candidates who are information assurance professionals. They must be able to define the architecture, design, controls and management of information systems, covering salient aspects such as cloud computing, risk management, security application development, and more.
Prerequisites to acquire this certification are:
- At least 5 years of work experience
- Experience in at least 2 domains of the 8 in the CISSP CBK
SSCP (Systems Security Certified Practitioner)
The other key certification from (ISC)2 is the SSCP (Systems Security Certified Practitioner). Like the CISSP certification, this is also designed for professionals with a leaning towards information security. However, the SSCP is most suitable for IT Managers who have acquired technical skills on the job. Their knowledge of security is based on practical experience, and they are able to define the design, architecture, controls and management of information security.
The certification is most suited to those who aim to access the career opportunities of database administrators, network security engineers, security administrators, system engineers or security analysts. The certification validates a professional’s capabilities in aligning the organization’s security policies with the implementation and administration of infrastructure, to ensure the confidentiality of data.
Prerequisites for this certification are:
- Minimum one year of work experience
- Experience in at least 1 domain of the 8 in the CISSP CBK
- A candidate can still appear for the exam without the above prerequisites and achieve an Associate (ISC)2 status until they gain the requisite experience.
CISM (Certified Information Security Manager)
Like (ISC)2, ISACA (Information Systems Audit and Control Association) is a globally established and recognized body that certifies information security professionals. Its certifications are awarded on a combination of credit for work experience and results from the exam.
One of the key certifications is CISM (Certified Information Security Manager). It is directed at candidates with a leaning towards organizational security, which puts the focus on business objectives and on aligning information security with these goals.
Prerequisites for this certification are:
- A minimum work experience of 5 years in information security
- At least 3 years as a manager of information security
CISA (Certified Information Systems Auditor)
Another key certification from ISACA is the CISA, which is a recognition for professionals with expertise in assurance, security and IS audit control. It is essential for those who are given the responsibilities of auditing, monitoring and assessing the business and IT systems of a company.
The certification validates a professional’s knowledge, experience and skill in assessing the vulnerabilities of the security systems, compliance reporting, and establishing organization-wide security controls.
Prerequisites for this certification are:
- 5 years of work experience in IS audit, security, assurance or control.
Harvard Extension School Cyber security Certificate
The cyber security certificate from the Harvard University Extension School addresses the weaknesses and threats within the space of cyber security. The certification validates a professional’s knowledge of security technologies and the protocols and tools required to manage them.
The certification consists of 4 courses over an 18-month period, during which the professional is educated about communication technologies, data network devices, security risks and mitigation, and developing policies for security information at an enterprise level.
There are no prerequisites for this certification. It is possible to enroll directly for the course during any of the 3 registration periods: spring, summer, or fall.
CEHv9 (Certified Ethical Hacker)
EC-Council (The International Council of Electronic Commerce Consultants) is a body that offers information security and e-business certifications. One of its most commonly used certifications is CEH (Certified Ethical Hacker).
Some of the other certifications provided by the EC-Council are CHFI (Computer Hacking Forensic Investigator); EDRP (EC-Council Certified Disaster Recovery Professional); ECSA (EC-Council Certified Security Analyst); LPT (Licensed Penetration Tester); ECIH (EC-Council Certified Incident Handler); CISO (Chief Information Security Officer); ECSP (EC-Council Certified Security Specialist); ENSA (EC-Council Network Security Administrator) and CSCU (Certified Secure Computer User).
The CEHv9 is an Ethical Hacking and Security Auditing program for the information system. It is an education on the latest techniques of hacking, security threats, and attack vectors. It is also a practical demonstration of tools, methodologies, and tricks of various hacking techniques.
The prerequisite for this certification is:
- Minimum 2 years of experience in information security, or
- Attendance of the official training
ECSA (EC-Council Certified Security Analyst)
ECSA (EC-Council Certified Security Analyst) is another certification from the EC-Council (The International Council of Electronic Commerce Consultants). This certification is the next step beyond the CEH certification. The ideal candidates for this certification are System Administrators, Network Server Administrators, Risk Assessment Professionals, Information Security Testers and Firewall Administrators. While CEH teaches a professional the use of hacking techniques and ways to manage hacking attacks, ECSA helps professionals analyze ethical hacking by assessing its outcome from the various hacking technologies and tools used. This enables an ECSA-certified professional to intensively assess the structure of the organization’s information security and mitigate any and all risks.
The prerequisite for this certification is:
- Minimum 2 years of experience in information security, or
- Attendance of the official training
CompTIA Security+
The CompTIA Security+ certification is ideal for beginners in the information security space. It gives an overview of critical concepts that govern IT/Cyber security. The certification validates a professional’s capabilities to keep an organization’s IT network secure and to have the skills to protect it if it is hacked.
Prerequisites for the certification are:
- Minimum of 2 years IT administration work experience
- Work experience with focus on information security is preferred but not mandatory
- Before taking the security exam, it is recommended that the candidate acquire a Network+ certification
CWSP (Certified Wireless Security Professional)
CWNP, or Certified Wireless Network Professional, is a non-profit consortium. The organization has vendor-neutral Wi-Fi training and certification for all levels of professionals, from entry to network experts.
The Certified Wireless Security Professional (CWSP) certification validates the competencies of professionals in making hack-proof enterprise Wi-Fi networks, irrespective of the Wi-Fi gear brand or quality being utilized in the company.
The only prerequisite is that the candidate must have a valid CWNA (Certified Wireless Network Administrator) certification, which is a primary certification available from CWNP.
If you are keen on pursuing your career in the space of information security in the IT field, it is a prudent decision to be certified. It validates your competencies, experience and skills, making it simpler to be selected by employers as the right candidate for the job.