"Certifications are essential to the career of cybersecurity professionals" - Julien Legrand (CISO MAG, 2019).
What are Professional Certifications, and What are the Benefits?
Professional certifications are excellent for employees, employers, and other organizations that require any level of information technology (IT) services. A professional certification verifies that a person has specific skills and knowledge on a particular topic or subject. For example, if someone holds an active CompTIA Security+ certification, you can confirm that they know cybersecurity basics, specifically topics such as access control, cryptography, cyber forensics, data security, disaster recovery planning, firewall configuration, malware identification, mobile device security, network security, security configuration, security policies, threat analysis, and threat detection (Credly, n.d.). These skills are verified by CompTIA, a trusted non-profit, vendor-neutral certifying organization covering various IT and cybersecurity categories. Different certifications, from a breadth of certifying organizations, cover different topics, and each demonstrates a different set of skills and knowledge. The world of IT is vast; therefore, there are many certifying organizations, each offering a handful of certifications. There can and will be overlapping skills and knowledge from one certification to the next; however, no two certifications are the same.
Independent and approved test organizations, such as ISACA, (ISC)2, and CompTIA, have been established to offset the commercial bias of suppliers and to give internationally comparable certifications. The ISO/IEC 17024 standard stipulates that exam bodies must meet a globally recognized industry standard (Espellman, 2017). These standards:
Are consistent, similar, and trustworthy globally
Demonstrate that the bearer has the required knowledge and abilities
Are verified so that they are acknowledged by employers and peers
Risk Reduction
Requiring certifications for cybersecurity staff can significantly help an organization mitigate risks in many ways. Having a qualified team with proven knowledge and skills improves the cybersecurity posture around the organization in every aspect. The risks that can be mitigated will vary depending on what certifications are held by the staff. However, cybersecurity certifications generally can mitigate three specific risks: Misconfigurations, Poor Auditing, and Lack of Incident Response.
Misconfigurations
When you have a cybersecurity staff that knows how attackers break into networks, your cybersecurity staff can better secure the environment. The team will know common attack vectors and learn how to thwart them. For example, a trained cybersecurity professional knows that telnet is a very insecure protocol. Therefore, they will disable telnet throughout the network and use Secure Shell (SSH) instead. On the other hand, an untrained staff member may not know how dangerous telnet is and will use it over SSH because it is easier to implement.
Poor Auditing
Auditing the network is critical when it comes to cybersecurity. A trained cybersecurity professional will know how to read packet captures (pcap) and be proficient at examining network traffic. They will know when something doesn't look right in the case of a cyberattack. On the other hand, a novice cybersecurity staff member may not notice anomalies in the network traffic and not sound the alarm, causing the attack to be detected late or not at all.
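The telnet-versus-SSH misconfiguration above and the traffic-review skill described under Poor Auditing can be exercised with one small audit script. The following Python example is added here and is not part of the original essay or of any certifying body's material; it parses a constructed, simplified per-connection summary (the kind an analyst would derive from a pcap), flags sessions to cleartext remote-administration ports, and lists hosts that still accept telnet without offering SSH. The CSV format, the host addresses, and the port table are all assumptions made for the example; the port table goes slightly beyond the text by treating rlogin and rsh as the same class of risk as telnet.

```python
import csv
import io
from collections import defaultdict
from dataclasses import dataclass

# Cleartext remote-administration protocols a trained reviewer flags on sight.
# telnet (TCP/23) is the case named in the text; rlogin/rsh carry the same risk.
CLEARTEXT_ADMIN_PORTS = {23: "telnet", 513: "rlogin", 514: "rsh"}
SSH_PORT = 22


@dataclass(frozen=True)
class Flow:
    ts: float
    src: str
    dst: str
    dport: int
    proto: str
    nbytes: int


# Constructed sample data: a simplified connection summary, not real traffic.
# Columns: timestamp, client, server, server port, transport, bytes transferred.
SAMPLE_FLOWS = """\
ts,src,dst,dport,proto,bytes
1.0,10.0.0.5,10.0.0.20,22,tcp,4120
2.0,10.0.0.5,10.0.0.21,23,tcp,980
3.0,10.0.0.7,10.0.0.21,23,tcp,1530
4.0,10.0.0.7,10.0.0.22,443,tcp,20400
5.0,10.0.0.9,10.0.0.20,23,tcp,300
6.0,10.0.0.9,10.0.0.23,513,tcp,210
"""


def parse_flows(text: str) -> list[Flow]:
    """Parse the constructed CSV summary into Flow records."""
    reader = csv.DictReader(io.StringIO(text))
    return [
        Flow(float(r["ts"]), r["src"], r["dst"], int(r["dport"]), r["proto"], int(r["bytes"]))
        for r in reader
    ]


def find_cleartext_admin(flows: list[Flow]) -> list[tuple[str, str, int, str]]:
    """Return (client, server, port, protocol name) for every cleartext admin session."""
    return [
        (f.src, f.dst, f.dport, CLEARTEXT_ADMIN_PORTS[f.dport])
        for f in flows
        if f.proto == "tcp" and f.dport in CLEARTEXT_ADMIN_PORTS
    ]


def hosts_telnet_without_ssh(flows: list[Flow]) -> set[str]:
    """Servers observed accepting telnet that were never observed accepting SSH.

    These are the hosts where telnet was likely chosen instead of SSH rather than
    left running alongside it, so they are the first remediation targets.
    """
    ports_by_host: dict[str, set[int]] = defaultdict(set)
    for f in flows:
        if f.proto == "tcp":
            ports_by_host[f.dst].add(f.dport)
    return {h for h, ports in ports_by_host.items() if 23 in ports and SSH_PORT not in ports}


def audit_report(text: str) -> dict:
    """Summarise the findings an auditor would raise from the flow summary."""
    flows = parse_flows(text)
    findings = find_cleartext_admin(flows)
    return {
        "flows": len(flows),
        "cleartext_admin_sessions": len(findings),
        "hosts_telnet_without_ssh": sorted(hosts_telnet_without_ssh(flows)),
        "clients_using_telnet": sorted({src for src, _, port, _ in findings if port == 23}),
    }


if __name__ == "__main__":
    report = audit_report(SAMPLE_FLOWS)
    for key, value in report.items():
        print(f"{key}: {value}")
    for src, dst, port, name in find_cleartext_admin(parse_flows(SAMPLE_FLOWS)):
        print(f"cleartext {name} session: {src} -> {dst}:{port}")
```

Run against the embedded sample, the report shows four cleartext administration sessions, one server (10.0.0.21) reachable only over telnet, and three clients still using telnet; replacing the sample string with a summary exported from a real capture is the only change needed to audit an actual network segment.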
Lack of Incident Response
Every cybersecurity professional should have knowledge and skills in incident response, especially if your organization does not have a dedicated incident response team. Organizations without a dedicated team in many cases appoint cybersecurity staff members as the incident response team. A handful of cybersecurity certifications touch on incident response. People with these certifications will be better prepared in the case of a cyberattack. An untrained staff member may not know what to do during a cyberattack and could potentially make the incident worse than it should be.
Summary
Professional certifications benefit workers, companies, and other entities requiring any degree of information technology (IT) services. A professional certification validates that an individual has specialized abilities and expertise on a given topic or subject. Independent and recognized testing bodies, such as ISACA, (ISC)2, and CompTIA, have been developed to counteract vendors' commercial bias and provide industry certifications that are recognized globally. In addition, the ISO/IEC 17024 standard requires exam organizations to comply with an internationally recognized industry standard. Having certified personnel with demonstrated expertise and abilities improves the organization's cybersecurity posture. Cybersecurity certifications can help mitigate three risks: Misconfigurations, Poor Auditing, and Lack of Incident Response.
References
CISO MAG. (2019, November 12). Which cybersecurity certifications are important for professionals? https://cisomag.eccouncil.org/cybersecurity-certifications/
Credly. (n.d.). CompTIA Security+ CE certification. Retrieved June 18, 2022, from https://www.credly.com/org/comptia/badge/comptia-security-ce-certification
Espellman. (2017, February 22). ISO 17024 – the international gold standard for IT qualifications. IT Governance USA Blog. https://www.itgovernanceusa.com/blog/iso-17024-the-international-gold-standard-for-it-qualifications