People often ask, “What certifications are best in cyber security?” My answer is to follow the numbers. By that I mean do some research on what certifications are desirable based on employer’s requirements. For example, the Department of Defense has a directive that prescribes which certifications employees must have to work in Information Assurance (cyber security). You can check out the “DoD 8570 Information Assurance Workforce Improvement Program” located at: http://iase.disa.mil/iawip/Pages/index.aspx.
The DoD requirements are divided based on job role or function. Each job role has corresponding qualified certifications. You can see the breakout on the chart here. A complete list of applicable certifications is on the IASE website at http://iase.disa.mil/iawip/Pages/iabaseline.aspx.
Note the certification organizations listed; you will notice it is a short list consisting of (ISC)2, ISACA, SANS, CompTIA, Cisco, CERT, and EC-Council. If your goal is to get a job, enhance your career, or insulate your career from market turbulence, then certifications from these organizations will help you get your resume to the top of the stack and put your career on a solid foundation.
You may wonder if the if this list is good outside of the DoD. From my experience the list was not invented by the DoD but rather the DoD codified what industry practice was. You can put this to the test, look up some job postings and see what certifications are desirable. Do you see any similarities?
Two of the certification organizations, ISACA and (ISC)2, have been around the longest and have the most recognized certification in the industry. Both have professional certifications that require continuing education once you are certified. In a future post, I will cover these organizations and their certifications.
Another important thing to consider for your career is the future prospect of cyber security. Recent studies indicate there will be a deficit of 2 million cyber security professionals by 2019. The future looks bright for cyber security.