What does a typical Cybersecurity Professional need to buttress his credentials. Certifications should be thought of as our ability to present the credentials in a manner that makes it easy for the person to understand and note that the person has the ability and understand cybersecurity jargon and best practices to put to practice the various options as to how we protect our assets.
The table was built to provide a set of certifications, what they test you for and the training that is requried to achieve the objective. As said the certificate is only a part of the story, it is the skills in addition to the understanding of the concepts that would be important for the cybersecuity professional to prove to his peers and his team as to his ability to protect the organization against threats.
| Certification | Skills Tested | Roles |
|---|---|---|
| Certified Information Systems Security Professional (CISSP) | Security and risk management, asset security, security architecture and engineering, communication and network security, identity and access management, security assessment and testing, security operations, software development security, and information security governance | Security architect, security engineer, security analyst, security manager, security consultant |
| Certified Ethical Hacker (CEH) | Penetration testing, network security, wireless security, web application security, mobile security, cryptography, and social engineering | Penetration tester, security analyst, security engineer, security consultant |
| Certified Information Systems Auditor (CISA) | Auditing, governance, risk management, and control frameworks | Information security auditor, internal auditor, compliance officer |
| Certified Cloud Security Professional (CCSP) | Cloud security architecture, cloud security engineering, cloud security operations, and cloud security compliance | Cloud security architect, cloud security engineer, cloud security analyst, cloud security consultant |
| CompTIA Security+ | Network security, risk management, threat and vulnerability management, security assessment and testing, security operations, and incident response | Security analyst, security engineer, security consultant |
| Certification | Typical Areas of Training | Required Experience |
|---|---|---|
| Certified Information Systems Security Professional (CISSP) | Security and risk management, asset security, security architecture and engineering, communication and network security, identity and access management, security assessment and testing, security operations, software development security, and information security governance | 4 years of cumulative paid full-time work experience in two or more of the eight CISSP domains |
| Certified Ethical Hacker (CEH) | Penetration testing, network security, wireless security, web application security, mobile security, cryptography, and social engineering | None |
| Certified Information Systems Auditor (CISA) | Auditing, governance, risk management, and control frameworks | 5 years of cumulative paid full-time work experience in information systems auditing, control, or security |
| Certified Cloud Security Professional (CCSP) | Cloud security architecture, cloud security engineering, cloud security operations, and cloud security compliance | 3 years of cumulative paid full-time work experience in two or more of the five CCSP domains |
| CompTIA Security+ | Network security, risk management, threat and vulnerability management, security assessment and testing, security operations, and incident response | None |
Comments