Top security certifications: Who they're for, what they cost, and which you need

Expand your skills, know-how, and career horizons with these highly respected security certs

If you’re pursuing a career in IT security, certifications can only help you. Certification critics often say a certification means nothing, and acumen and experience are the true differentiators, but as a holder of dozens of IT security certifications, I beg to differ. So do employers.

A particular certification is often the minimum hurdle to getting a one-on-one in-person job interview. If you don’t have the cert, you don’t get invited. Other times, having a particular certification can give you a leg up on competing job candidates who have similar skill sets and experience.

Every certification I’ve gained took focused, goal-oriented study — which employers view favorably, as they do with college degrees. More important, I picked up many new skills and insights in IT security while studying for each certification test. I also gained new perspectives on even familiar information I thought I had already mastered. I became a better employee and thinker because of all the certifications I have studied for and obtained. You will too.

Security is more important to computing and the internet than ever before, and the following well-respected security certs will not only help you stand out from the crowd but also make you a more valuable member of the IT security community.

CISSP

The International Information Systems Security Certifications Consortium’s (ISC2) Certified Information Systems Security Professional (CISSP) certification is the most coveted and accepted computer security certification around. This general computer security knowledge certification exam covers eight Common Body of Knowledge (CBK) domains, including access control, operations security, cryptography, and more.

The test consists of 250 multiple-choice questions that must be answered in six hours. Candidates must already have four to five years of professional experience in two or more of the CBK domains, and they must be endorsed by a current CISSP certificate holder. Those who pass the certification must also sign and agree to follow a set of ethics, and each certification holder must periodically resubmit proof of continuing education, along with a fee, to keep the CISSP designation. Initial exam cost is $599.

I used to be an unofficial CISSP exam instructor and have taught hundreds of students how to take and pass the exam. In my experience, candidates should buy at least two CISSP exam prep books and take at least 1,000 practice questions. Every student I ever had who followed this advice passed.

I haven’t always been a big fan of the test questions themselves. Back when I took and passed the exam, test questions weren’t always well edited or even technically correct. I was told these were most likely “beta” test questions that didn’t count toward scoring. Furthermore, no matter how much you studied or how many practice questions you answered, a large part of the exam would seem unfamiliar. Most CISSP test takers would walk out of the exam not knowing how they did, even if they did well.
