Not a week passes without a high-profile cyberattack reminding business executives of the growing importance of their IT departments. However, cybersecurity roles suffer from chronic understaffing.
In 2019, the Cybersecurity Workforce Study from the International Information System Security Certification Consortium estimated the US had 804,700 cybersecurity professionals but needed 500,000 more, a deficit of 62%. Globally, the need for cybersecurity professionals was even greater – 1.27 million, according to the study.
These figures were collected before the coronavirus pandemic, which has prompted a spike in data breaches and ransomware attacks as the shift to remote working has played havoc with corporate security.
Even as workforces shrink during this time of economic insecurity, companies large and small see the need to increase their cybersecurity defenses.
According to the same Cybersecurity Workforce Study, 48% of companies indicated they are planning to increase their cybersecurity budgets. The survey also found that 84% of cybersecurity professionals said they were pursuing or planning to pursue a certification.
Cybersecurity certifications are a key way to upgrade the skill sets of existing staff or train new employees to meet the needs of a company or organization. Not only do certifications benefit companies, but they are a main recruiting tool and value-added benefit for employees.
Certification programs cover many cybersecurity topics.
Some certifications are for entry-level and nontechnical employees such as managers who only need a basic understanding of best practices. Some are outward-facing and deal with identifying, thwarting and responding to cyberattacks.
Others offer certifications in establishing cyberdefenses and conducting threat analyses. Lastly, some certifications offer specializations in such areas as defense work, health care or engineering.
Certain programs have requirements for a level of experience or previous cybersecurity training. All certification programs involve completion of an exam.
Boston University offers an online cybersecurity certificate in cybercrime investigation and cybersecurity with classes in IT security policies and procedures, cybercrime, applied digital forensic investigation and digital forensics. Boston University also has undergraduate and graduate cybersecurity programs.
The University of Texas offers an online certificate program that was developed in coordination with the Department of Defense and focuses on handling cybersecurity attacks. The three courses are offered over 33 weeks.
Georgetown University offers a certificate in cybersecurity strategy designed for managers. The program, which can take up to two years to complete, offers lectures, group work and independent study, and focuses on a business-oriented cybersecurity strategy, crisis management and regulatory compliance.
The University of Maryland Global Campus offers certificates in Cyber Operations, Cybersecurity Technology, Cybersecurity Management and Policy Digital Forensics, and Cyber Investigation and Information Assurance. The university also offers bachelor’s and master’s degrees in cybersecurity.
George Mason University offers an Applied Cybersecurity Certificate in coursework covering cloud computing security, Cyber Incident Handling and Response, Information System Infrastructure Lifecycle Management and Emerging Threats and Countermeasures.
Several companies, nonprofits and associations offer certifications. Most of these are vendor-neutral programs that can be applied to various cybersecurity situations.
Here is an overview of some of the more popular certification programs.
IT nonprofit (ISC)² offers five certificates as well as an introductory program. The certifications are for Certified Information Systems Security Professional, with concentrations in management, architecture and engineering; Security Administrator, Cloud Security Certification, Certified Authorization Professional, which is aligned with the Defense Department’s 8570 mandate, and PSecure Software Development Certification and HealthCare Information Security and Privacy Practitioner.
The tech association CompTIA offers four IT certifications from entry level to expert in IT core skills; infrastructure security, including Cloud, Linux and server; cybersecurity, covering analysis and penetration testing; and professional programs for project managers, trainers and business management.
Tech certification program, CIW, offers a Web Security Certification for professionals to learn how to improve network security, detect unauthorized activity and protect online data. The Web Security Associate Certification is for systems, firewall and server administrators, application developers and IT security officers, and it covers encryption standards, authentication standards and security principles.
The professional association ISACA provides certification in Governance of Enterprise IT, Certified Information Systems Auditor, Certified in Risk and Information Systems Control, Certified Information Security Manager, Cybersecurity Practitioner Certification and Certified Data Privacy Solutions Engineer.
Whatever the certification, building skills for a cybersecurity career will be an ongoing challenge in the ever-changing cyber world.
If you found this article useful, sign up for ISACA SmartBrief on Cybersecurity to receive more quality cybersecurity news content. For even more informative news coverage, subscribe to any of SmartBrief’s 275+ free newsletters.
Lilla Ross is a copy editor/writer for SmartBrief.