February 21, 2017
Security certifications aren't mandatory for all industry experts, but they can make a difference in applying for new roles. (ISC)² CEO David Shearer says they're a "must-have" when looking at candidates on paper.
"Statistically, someone who goes through the formal [certification] process tends to be a candidate with more educational experience," he says, and certifications give professionals the "deep dive" expertise they need to drive their careers.
There are definitely people who learn from experience and fall outside the rule, however. "There are always exceptions; people who don't have certifications who are fantastic at what they do," Shearer notes.
But a certification gives you broader knowledge, he says. "You need to think broad and you need to think deep," he says of building security expertise.
This depth is what separates security certificates from certifications, which "have a different bar you have to go through compared with a certificate," he says, citing a report from the Institute for Credentialing Excellence. Certificates typically don't evaluate experiential performance. "There's a lot more rigor that goes into a credential as opposed to a certificate."
While the distinction doesn't necessarily mean certificates are bad, it's simply something to bear in mind because they are designed to evaluate different things and therefore have a different structure.
It's important for businesses to recognize the difference between certificates and certification programs, says Shearer. People commonly use "certificate" and "certification" as synonymous terms.
Businesses who want professionals to demonstrate established knowledge or skills should focus on certification programs, which aim to validate competency through a structured assessment system. Certificate programs provide instruction so participants acquire skills in a specific area. While certification content is typically broad in scope; certificate content is much narrower.
Here's a look at some of the key certifications for security experts today. Do you have any of these certifications? Thinking about them? Feel free to share your thoughts and keep the conversation going in the comments.
About the Author(s)
You May Also Like
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023
9 Traits You Need to Succeed as a Cybersecurity Leader
The Ultimate Guide to the CISSP
Selling Breaches: The Transfer of Enterprise Network Access on Criminal Forums
2021 Banking and Financial Services Industry Cyber Threat Landscape Report
2021 Gartner Market Guide for Managed Detection and Response Report