Navigating Cybersecurity Certifications

It Ain’t Easy…

I have the privilege of talking to a lot of people trying to become a cybersecurity professional. They ALWAYS have questions about certifications: Are they worth it? Which one(s) should I pursue? Which ones would get me a job? How should I get it? I talked about it in my book “Navigating the Cybersecurity Career Path”, but this topic keeps coming up, so here are my thoughts.

Photo by Honey Yanibel Minaya Cruz on Unsplash

Should I Get A Cert?

Answering this question always leaves me a bit uneasy. Why? The answer to the question is complicated. Consider:

• Just because a certification is popular doesn’t make it good.
• There are a ton of certs out there, so how can one person know enough to make a recommendation?
• Doing a certification takes time and money, so recommending the wrong cert is a gate-keeping exercise at best, purely negligent at worst.
• Most notably, hiring managers often value on-the-job experience over certifications, so if you only have limited time to invest, I suggest you invest it in practical, on-the-job experiences, not on a cert.
• Almost every job posting asks for some kind of cert.
• If resumes are similar in every other way, having a cert might tip the hiring manager to prefer…