Are cyber security certifications worth it – A Close Look

Seems like for the past few years cyber security has become a hot topic as well as Cyber Security Certifications. I’m sure one point or another everyone in the tech industry has asked themselves “is certifications really going to help me land that job” or “are cyber security certifications worth it”. And I don’t blame you, who wants to spend their hard earned money and end up not getting no value or appreciation for it. Today we will take a look at some cyber security certifications and also job postings to see.

Types Of Cyber Security Certifications:

  • CompTIA Security+
  • CompTIA Advanced Security Practitioner (CASP)
  • Certified Ethical Hacker (CEH)
  • Certified Information Systems Security Professional (CISSP)
  • Offensive Security Certified Professional (OSCP)

Background of The Cyber Security Certifications:

Security+: This certification is provided by CompTIA. Not only is it DoD 8570 compliant but also is a requirement for most Goverment Agencies.

Offensive Security Certified Professional: OSCP is an ethical hacking certification. It was created by Offensive Security and teaches pentest testing with the use of the Kali Linux distribution.

Certified Ethical Hacker: It’s obtained by proving your knowledge of finding vulnerability’s and weakness in computer systems.

CompTIA Advanced Security Practitioner: is an international, vendor-neutral exam that you must prove competency in research and analysis, enterprise security, risk management.

Certified Information Systems Security Professional: Considered the gold standard in Information Technology. It’s globally recognized and is distributed by ISC2.

What are Employers looking for?

are cyber security certifications worth it

We went through some job boards and collected a few listings and here is what we found.

Job Listing 1.Information Security Professional:

Education Requirements: Bachelor’s degree in Computer Science, Technology, Business, or Related Fields.

Mention of Certification: No

Job Listing 2.Cyber Security Specialist:

Mention of Certification: No

Education Requirements: Bachelor’s degree in Computer Science or Engineering or equivalent evidence of aptitude (e.g. – OSCP, OSWE, OSEP or OSCE)

Job Listing 3. Security Engineer:

Mention of Certification: Yes

Job Listing 4. Junior Security Engineer:

Education Requirements: Network+ , Security+, CISSP, GSEC, 2+ Years previous experience cyber security or related field.

Mention of Certification: Yes

Job Listing 5. Information Security Engineer:

Education Requirements: Bachelor’s degree and typically 5 or more years related work experience.

Mention of Certifications: No

Job Listing 6. Cyber Threat Analysis / Detection:

Education Requirements: 2 or more years of related experience in Information Security

Mention of Certifications: No

Job Listing 7. Information Security Engineer:

Education Requirements: Bachelor’s degree and 2 Years or more related experience.

Mention of Certifications: No

Job Listing 8. Junior Cyber Security Specialist:

Education Requirements: Current Security+ or equivalent certification, Bachelor degree

Mention of Certifications: Yes

Job Listing 9. Senior Security Specialist:

Education Requirements: Master degree, 4 Years related experience.

Mention of Certifications: Yes

Job Listing 10. Information Security Engineer:

Education Requirements: Bachelor’s degree and typically 5 or more years related work experience.

Mention of Certifications: No

What does this information tell us:

  • 4 out of 10 listings asked for some type of cyber security certification.
  • 8 out of 10 required a degree as their minimum requirement.

Cost For Certifications:

are cyber security certifications worth it

Coursework and study material is not included below:

Offensive Security Certified Professional: $800

Certified Ethical Hacker (CEH): $1199

Certified Information Systems Security Professional (CISSP): $699

CompTIA Security+: $339

CompTIA Advanced Security Practitioner (CASP):$379

Advantages:

  • Become qualified for higher positions and better salary.
  • Cost is not to high.
  • Won’t take years to obtain if you really study hard for the exams.
  • Some employment opportunities require a certification.
  • Shows your commitment to the field and may show employer’s that you have taken extra steps to becoming a expert.
  • Could be the deciding factor on which person will be chosen for the position.

Negatives:

  • Employers seem to value related experience or a degree over just a certification. So don’t expect doors to open up without those.
  • Exams may be harder for people that haven’t worked in the field , which will make the process of obtaining a certification longer to get.
  • Some certifications actually require you to already be in the field before becoming considered to take the exam.
  • Study material is quite expensive. Although there is a lot of free material online. You never know the quality of it and if it’s been kept up to date to the newest exams.
  • There is a renewal fee every couple years or so for most of these certifications. So keep that in mind.
  • Most of these certifications are not hands on tasks. They only require you to retain definitions. Which may hinder you if you obtain a career and have no hands on experience. ( OSCP is a exception to this )
  • A few people use material such as brain dumps to memorize questions for these exams and actually pass. Employer’s know this a for some may not place to much value on a certified only person.
  • Saturated with many who want a shortcut to becoming a expert. They stock up on many certifications. We heard of stories of people with no work related experience or college education but they got 10 or more certifications because a trade school told them they will make 100k+ a year after.

So are cyber security certifications worth it?

From the information that we gather your are better off getting a degree or trying to get in any type of work related experience in the IT field. Now that’s not to say that these cyber security certifications aren’t worth it. If your already been working in the Information Technology field and have a degree then i don’t see why you would not pursue one of these certifications. It can give you more value as a professional and show a employer that you are continuing to learn and grow in the field.

If you have any questions or would like to add to this please feel free to comment or reach out to us on email. We are always willing to update or hear others opinions.


How to get into cyber security field

СYBER SEСURITY So how to get into cyber security field ? Сyber seсurity refers tо the bоdy оf teсhnоlоgies, рrосesses, аnd рrасtiсes designed tо рrоteсt netwоrks, deviсes, рrоgrаms, аnd dаtа…

14 Eyes Surveillance Alliance – Explained

There аre mаny сruсiаl fасtоrs thаt deсide the fаte оf сyberseсurity аnd оnline рrivасy. There аre different аttасk veсtоrs thаt threаten yоur seсurity, thоse inсlude mаlwаre, рhishing, etс. Араrt frоm…

SQLMap Cheat Sheet – Quick Start

SQLMap is a python open source Cyber Security testing tool that helps automate the process of exploiting SQL injection vulnerabilities.  It features many options to help you in your testing…