Cybersecurity: CISSP vs GSEC Certification
2018 will inevitably bring new cyber threat such as data breaches, hacked networks, or new types of ransomware. Therefore, cybersecurity experts will continue to be in high demand, especially those with prior technical experience and knowledge. What does it take to become a cybersecurity expert? Are certifications of any help? If so, which certifications are the best?
Information security specialist, system administration or system engineer are only a few examples of security-related jobs. These cybersecurity specialists are needed the most: cloud security specialists, network security specialists, security analysts, or data security specialists. Having a degree in IT, computer science, network engineering, mathematics, or cybersecurity is a good start for having a career in the cybersecurity field. However, in addition to education, experience, self-taught skills, and technical and soft skills, are needed.
Certifications – Types
Having cybersecurity certifications does not guarantee a good career in the field. But it definitely raises the prospects of having one. Let’s look at these certifications in more detail and why they are a significant addition to already acquired skills and experience.
These certifications are among the most valued for cybersecurity experts:
- CompTIA Security+
- CISSP (Certified Information Systems Security Professional)
- Cisco CCNA (Cisco Certified Network Associate Routing & Switching)
- CEH (Certified Ethical Hacker)
- GSEC (SANS GIAC Security Essentials) or
- CISM (Certified Information Security Manager)
This type of certification is good for three years and is internationally recognized. A professional with this background will have the knowledge and skills to secure application, networks and devices. This certification serves as a stepping stone for network security skills and knowledge of risk management.
CISSP (Certified Information Systems Security Professional)
In order to obtain this certification, you will need at least five years of paid, full-time work experience in the information security field. To be eligible, you will also have to posses the knowledge of at least 2 of the eight domains of the (ISC)2 CISSP Common Body of Knowledge (CBK), such as security and Risk Management, Security Engineering, Security Operations, Software Development Security, or Communications and Network Security. To maintain your credential, you must be re-certified every three years.
Cisco CCNA (Cisco Certified Network Associate Routing & Switching)
This certification by Cisco will prepare you for a career in networking, and you will be able to understand network infrastructure and protocols. It will also keep you up to date with the latest technological developments.
CEH (Certified Ethical Hacker)
This certification is offered by the International Council of E-Commerce Consultants (EC-Council). Certified professionals will have specific knowledge and skills about system’s vulnerabilities, such as hacking web servers, web applications, wireless networks, viruses, or penetration testing. . Candidates must pass one exam, after they demonstrate 2 years of experience in the information security field.
GSEC (SANS GIAC Security Essentials)
This is an intermediate-level certification for professionals in the information security field with focus on “hands-on roles”. GSEC certification holders have knowledge and skills in areas such as password management, active defense, cryptography, endpoint security, incident handling and response, network device security, or penetration testing. This certification has to be renewed every four years and candidates must accumulate professional experience credits.
CISM (Certified Information Security Manager)
Certified Information Security Manager is an advanced certification for professionals and it is offered by ISACA. It is specifically designed for those working with information security management responsibilities, such as information security managers or chief information officers. To qualify for the exams, candidates must have at least 10 years of work experience.
More information here:
Previous posts about careers in the cybersecurity field: Part I addressed the most valued skills for cybersecurity experts, Part II focused on specific soft and technical skills needed.