Cybersecurity Training

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Cybersecurity training is the key that unlocks the door to lucrative and flexible career paths in a field where professionals are scarce and demand is high.

It’s also a wise investment for organizations filling in professional gaps by retraining their existing workforces.

How urgent is the cybersecurity hiring and training need? The numbers paint a clear picture:

Cybersecurity Ventures predicts there will be 3.5 million unfilled cybersecurity jobs globally in 2021
Fewer than one in four applicants for open cybersecurity positions are qualified, according to the MIT Technology Review
A cyberattack occurs somewhere in the world every 39 seconds
Data breaches cost organizations an average of $4.1 million per incident in recovery costs, according to IBM

The demand in cybersecurity contributes to an increasingly chaotic cybersecurity training market — the choices can feel overwhelming. This review lay outs information about some of the primary options available for cybersecurity training, including certifications, college degrees, and supplemental courses to bolster existing skill sets.

The eight cybersecurity domains

Cybersecurity is an umbrella term that encompasses a wide range of related and interrelated topics. A helpful framework for understanding the specialties within cybersecurity is thinking of the field as being separated into a set of eight Certified Information Systems Security Professional (CISSP) domains — or cybersecurity areas that require unique skill sets:

Security and risk management
Asset security
Security architecture and engineering
Communication and network security
Identity and access management
Security assessment and testing
Security operations
Software development security

Cybersecurity in higher education

Many cybersecurity professionals start their careers with a college degree. Typical majors include:

Cybersecurity
Information security
Computer science
Computer engineering
Programming

College graduates often complement their bachelor’s degrees by studying at the postgraduate level in a specialized cybersecurity field.

Cybersecurity certifications

College is not the only viable path toward a career in cybersecurity. Certifications issued by various corporations and associations can be beneficial. Depending on the role, it could prove more practical than broader college coursework, which is sometimes more on the theoretical side of cybersecurity. Many cybersecurity professionals hold multiple certifications in addition to their college and postgraduate degrees.

Still, it’s important to note that hundreds of thousands of positions within the cybersecurity field do not require four-year degrees. Many of these can be great fits for candidates holding various certifications.

See more: Cybersecurity Market 2021

5 top certifications in cybersecurity

These five certifications are among the most sought after.

Certified Information Systems Security Professional (CISSP)

CISSP certification, issued by (ISC)², is one of the most popular credentials in the cybersecurity field. This wide-ranging certificate covers IT security and the design, implementation, and administration of cybersecurity programs.

CISSP is aimed at experienced security professionals who want to expand their roles or advance their careers.

Typical roles:

Chief information security officer (CISO)
Security administrator
IT security engineer
Senior security consultant
Information assurance analyst

Requirements:

Five or more years of cumulative work experience in two of eight cybersecurity domains

Note: A four-year computer science degree satisfies one year of the work requirement, and part-time positions and paid internships count too.

Certified Information Systems Auditor (CISA)

The CISA certification, issued by IT professional association ISACA, demonstrates expertise in security vulnerability assessment, control design and implementation and compliance reporting.

CISA is also geared toward IT professionals seeking to enhance their roles.

Typical roles:

IT audit manager
Cybersecurity auditor
Information security analyst
IT security engineer
IT project manager
Compliance program manager

Requirements: Five years of experience in IT or information security auditing, control, security, or assurance. Two- and four-year degrees count toward the requirement.

Certified Information Security Manager (CISM)

ISACA also issues the CISM certification, which focuses on the management side of information security. The CISM demonstrates knowledge in governance, program development, and program, incident, and risk management.

Typical roles:

IT manager
Information systems security officer
Information risk consultant
Director of information security
Data governance manager

Requirements: Five years of experience in information security management. Two years of the requirement can be met with general information security experience, other certifications in good standing, and graduate degrees in related fields.

Security+

CompTIA’s Security+ certification is designed as an entry-level option that demonstrates holders have core cybersecurity skills. Topics include organizational security assessment, cloud monitoring and security, Internet of Things (IoT) environments, risk and compliance, and security incident response.

Typical roles:

Systems administrator
Help desk manager
Cloud engineer
Security engineer
Security administrator
IT auditor
Software developer

Requirements: CompTIA recommends obtaining their Network+ certification first and putting in at least two years of IT work with a security focus, but there are no strict requirements to take the exam.

Certified Ethical Hacker (CEH)

The CEH certificate, issued by the EC-Council, covers “white hat” hacking, penetration testing (“red team”), and other roles related to lawful hacking. Organizations use ethical hackers to try to uncover vulnerabilities before bad actors can.

Typical roles: