ZDNet’s recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNet nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNet’s editorial team writes on behalf of YOU, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form
Cybersecurity certifications can help you get your foot in the door into what has fast become an industry with a high demand for skilled staff. Here is how to get started.
By Charlie Osborne | | Topic: Building the digital workforce: Tech skills trends and strategies for success
Hardly a week goes by when we don’t hear of a data breach, an exposed AWS bucket leaking the records of millions of people, or a serious cybersecurity incident that gives IT teams sleepless nights and prompts government agencies to issue alerts to warn the enterprise of new threats.
Two incidents alone in 2021 — the Microsoft Exchange Server vulnerabilities debacle and the ransomware attack against the Colonial pipeline, which supplies 45% of the East Coast’s fuel — have highlighted the need for cybersecurity experts to protect both enterprise resources and core, critical services, and infrastructure.
The industry does not necessarily demand certifications to get started, but there are options available to give you a thorough grounding in different concepts, explore different areas in the field to pursue, and deepen your knowledge and expertise.
Below, we have listed the best options to get you started and to stand out when you apply for a role in this lucrative field.
Cybrary is an excellent online resource for video-based courses in cybersecurity suiting a range of skill levels and existing qualifications.
You can enroll in courses that explain the fundamentals of particular career paths — whether this is as a system administrator or network engineer — and if you can ignore the somewhat cheesy thumbnails used to tout some of the courses, the actual content is valuable and comes with an estimated time to completion and difficulty rating.
You might want to explore some of these courses as introductory prep for other, formal qualifications such as the EC-Council’s Certified Ethical Hacking (CEH) and CISSP. Virtual labs for tools including Wireshark and practice tests for qualifications including CompTIA Security+, CISM, and others are also available. (However, it should be noted that the resources on offer, such as for the CEH, are not official courseware or lab sessions.)
Courses can be completed at your own pace and some, such as those offered by Cisco, result in formal qualifications after you pass. In addition, you can follow set ‘career paths’ with course recommendations.
Some courses are free while others require an enrollment or test fee.
It might not be as exciting as learning about penetration tools or software that can crack passwords, but a thorough understanding of networks is a necessity for today’s cybersecurity defenders.
To get started, you should consider the CompTIA Network+ course, which teaches learners how to build a network from the ground up, how to identify different kinds of network topology and configurations — as well as explores the common types of network-based attacks.
Following this entry-level course, you can take Security+, a baseline qualification in security concepts.
CompTIA Security+ (SY0-501) is retiring this year, but SY0-601, the refreshed course, is now available.
The SANS Institute is a well-known provider of professional cybersecurity courses and SEC401 is described as a “bootcamp” for those with some existing knowledge of IT, networking, and security.
While certainly not a cheap undertaking, the in-depth course covers security metrics, audits, risk assessments, network protection, incident detection and response, and more.
As a course for working professionals, SANS offers flexibility through on-demand, online, or in-person — where possible — training.
Offensive Security’s Penetration Testing with Kali Linux (PEN-200) is the organization’s foundation course in using the Kali Linux OS for ethical hacking.
The vendor’s focus is on offense and hands-on learning rather than lectures and completely academic study. Offensive Security encourages critical thinking and problem-solving with its “Try Harder” slogan — after all, if you can learn to think like an attacker, you can better protect systems against them.
You will need a solid understanding of networking principles and some understanding of Windows, Linux, and Bash/Python will help.
Successfully completing the course will give you the OSCP certification — as long as you can handle the 24-hour exam.
CISSP, offered by the International Information System Security Certification Consortium, is one of the most well-known professional cybersecurity qualifications worldwide.
The course covers the design and implementation of cybersecurity programs, including engineering, security architectures, risk management, identity and access management, and software security, among other topics.
CISSP can be taken in the classroom and led by instructors in real-time, but you will need years of experience in the field as a prerequisite. Due to the pandemic, the CISSP, CCSP, SSCP, CAP, CSSLP, and HCISPP are currently available as online options for a lowered price.
Costs vary but will be several thousands of dollars, depending on your region.
ISACA Certified Information Security Manager (CISM) certification is focused on four areas: information security governance, risk management, infosec program creation and management, and security incident management.
Therefore, this qualification isn’t suitable as a foundation, but rather, could be valuable to move up the management chain in an enterprise role. To become certified, you need to both pass the exam and have acceptable work experience.
The price is roughly $760, however, a discount is on offer for ISACA members.
Global Information Assurance Certification (GIAC) is an institution that offers an array of IT and cybersecurity qualifications.
GIAC’s offerings include topics such as security administration, management, legal, auditing, cyberforensics, and software security, and depending on your areas of interest, you can follow roadmaps with suggested courses to broaden your knowledge and skill set.
GIAC is an affiliate of the SANS Institute and some courses, such as GIAC Security Essentials, correspond to training offered by its partner organization.
Prices vary for different certifications.
If you’re unsure, check out free courses on Cybrary, YouTube tutorial videos, and Hack The Box before you sign up for a qualification. We especially recommend these options for those who are not completely sure they want a career in cybersecurity.
Yes. If you don’t understand the fundamentals, this will lead to a flawed understanding of cybersecurity concepts. You should take the time to build yourself a foundation in IT knowledge first.
There is a range of options out there: being self-taught, apprenticeships, degrees, and professional qualifications. If you’re serious about a career in cybersecurity and want to eventually move up the ladder, then just as in many other fields, qualifications can give you the leg-up you need.
Choosing a course should depend on your knowledge level and current skill set. Rather than jump right in with an advanced qualification, you may need to spend time learning the basics with a CompTIA, or you may already have enough industry experience to tackle one of the more advanced courses on our list.
While compiling our recommendations, we covered a range starting from entry-level and broad courses designed to give you foundational knowledge in IT — from the hardware to networks and how systems communicate — to more advanced, technical certifications that are sought-after by employers.
Best online master’s in data analytics 2021: Top picks
Computers & Tech
Best online software engineering degrees 2021: Top picks
Computers & Tech
Best online certificate programs in web development 2021: Top picks
Computers & Tech
Best online master’s in computer science 2021: Top picks
Computers & Tech
What to expect in a computer science degree program
Computers & Tech
Beginner computer classes online: What can you take, and where?
Computers & Tech
What, exactly, is information technology?
Computers & Tech
Online schools that provide a computer: 2021-2022
Computers & Tech
Cybersecurity training options: What’s right for you?
Computers & Tech
Please review our terms of service to complete your newsletter subscription.
You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By joining ZDNet, you agree to our Terms of Use and Privacy Policy.
You agree to receive updates, promotions, and alerts from ZDNet.com. You may unsubscribe at any time. By signing up, you agree to receive the selected newsletter(s) which you may unsubscribe from at any time. You also agree to the Terms of Use and acknowledge the data collection and usage practices outlined in our Privacy Policy.
© 2021 ZDNET, A RED VENTURES COMPANY. ALL RIGHTS RESERVED. Privacy Policy | Cookie Settings | Advertise | Terms of Use