5 Cyber Security Certifications to jump start your Career

When I started looking into Cyber Security Certifications, I felt out of my depth. There are so many certifications from CompTIA, SANS, EC-Council, GIAC, Microsoft, Cisco… the list goes on!

So, where to start?

There is no real answer to that question. It really depends on what you already know, and where you want to go. But, here are the 5 certifications I think are most important to get started in the field of Cyber Security. [This list is specific to the UK, as I’ve listed certifications run by the British Computer Society]

So, lets get started…!


1: BCS – Certificate in Information Security Management Principles (CISMP)

Link to Certification Page

What is this Certification?

This was the first certification I passed. I found it very useful, as it covers all the basics of Cyber Security and Information Protection. Subjects included in the certification include Information Risk, Information Security Frameworks, Procedural and People Security Controls, Technical Security Controls, Software Development Life Cycle, Physical and Environmental Security, Disaster Recovery and Busienss Continuity Management, amoungst others.

What is the main benefit of this certification?

The CISMP is a mandatory certification if you want to become a Certified Cyber Security Professional (CCP) in the UK, as part of the NCSC scheme (NCSC is the National Cyber Security Centre in the UK). You can find out more about the CCP scheme on the BCS website. Hope you are keeping up with all the acronims! đŸ˜„

The scheme certifies knowledge of individuals who work in roles such as Security and Information Risk Advisor (SIRA), Cyber Security / Information Assurance Architect, Information Assurance Accreditor, Information Assurance Auditor, IT Security Officer, and Communications Security Officer.

How to Pass the Exam

I attended a week long course, and ended up passing with a Distinction. But, you can just read the official book, and as long as you study it from cover to cover, you’ll be fine.

2: CompTIA Security+CompTIA Security+

Link to Certification Page

What is this Certification?

CompTIA Security+ is a foundational, vendor-neutral IT security certification. As a benchmark for best practices in IT security, this certification covers the essential principles for network security and risk management – making it an important stepping stone of an IT security career. Following on from CISMP, this certification has more technical aspects, describing in detail how networks are configured and secured.

What is the main benefit of this certification?

This certification is well regarded worldwide, and is a very well establised and understood certification within the InfoSec community. Many entry level Cyber Security jobs will list Security+ as a requirement, as it allows you to demonstrate you have the foundational skills required.

How to Pass the Exam

You can buy one of the many books, attend a training course, or learn online using videos such as Professor Messor.  The exam can be booked online, and can be taken in exam centres worldwide.

3: CompTIA Cyber Security Analyst (CSA+)CSA+

Link to Certification Page

What is this Certification?

CompTIA Cybersecurity Analyst (CSA+) is an international, vendor-neutral cybersecurity certification that applies behavioral analytics to improve the overall state of IT security. CSA+ validates critical knowledge and skills that are required to prevent, detect and combat cybersecurity threats. It provides skills to allow you to:

  • Configure and use threat detection tools.
  • Perform data analysis.
  • Interpret the results to identify vulnerabilities, threats and risks to an organization.

What is the main benefit of this certification?

Properly trained IT security staff who can analyze, monitor and protect cybersecurity resources are in high demand. The U.S. Bureau of Labor Statistics (BLS) predicts that information security analysts will be the fastest growing overall job category, with 37 percent overall growth between 2012 and 2022.

How to Pass the Exam

You can buy the book, or attend a training course. Once comforatable with the contents of the certification, you can book an exam online to be taken in exam centres worldwide.


4: EC-Council Certified Ethical Hacker (CEH)Certified Ethical Hacker

Link to Certification Page

What is this Certification?

A Certified Ethical Hacker is a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in a system, and uses the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). The CEH credential certifies individuals in the specific network security discipline of Ethical Hacking from a vendor-neutral perspective.

What is the main benefit of this certification?

The Certified Ethical Hacking training course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure. By learning how malicious attackers can access systems, you are better prepared to protect them!

How to Pass the Exam

You can buy a book, attend a training course, and use practice labs to get the technical knowledge required.

5:GIAC Certified Incident Handler (GCIH)GIAC Certified Incident Handler

Link to Certification Page

What is this Certification?

Whilst the other courses I’ve mentioned give a basic knowledge on how to prevent a Cyber Attack, or how to conduct in (in order to know how to prevent one!), this certification is about responding to an attack when it occurs.

The GCIH certification focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques:

  • The steps of the incident handling process
  • Detecting malicious applications and network activity
  • Common attack techniques that compromise hosts
  • Detecting and analyzing system and network vulnerabilities
  • Continuous process improvement by discovering the root causes of incidents

What is the main benefit of this certification?

Incident handlers manage security incidents by understanding common attack techniques, vectors and tools as well as defending against and/or responding to such attacks when they occur. An important part of being a cyber security professional is knowing how to respond when something happens. This certification ensures you are ready for an incident whenever it may occur.

How to Pass the Exam

You can read a book, attend a training course, and then book an exam online to be taken in an exam centre worldwide.

Why haven’t you included CISSP, everyone else does!

When you mention Cyber Security certifications, most people will mention the Certified Information Systems Securiry Professional. The reason it’s not on my list is this is an advanced certification, requiring at least 5 years experience (to be evidenced) in the InfoSec industry. My 5 are a great basis to get started. If you pass them all, and have the experience.. then the CISSP could be next on the list…!

What do you think?

Does my list of Certifications make sense to you? Would you do anything different? Let me know in the comments below.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Blog at WordPress.com.

Up ↑

%d bloggers like this: