Quick-Fire Rundown: Which Cyber Security Cert is Right for You?

Posted by Staff on Apr 28, 2017 3:11:41 PM

In CyberSecurity, Training

Okay, let me tell you a few things about cyber security, why it's important, and what certification is right for you - because I’m something of an authority on this, being a dragon and all.

First, let’s address why you should care about cyber security. This is not something that should be relegated to the IT folks in your basement, or attic, or crawlspace, or wherever you keep them (and if you do keep them in any of those spaces, shame on you). This is something you need to know about. For one thing, you cannot protect your organization, resources (technological and information), or people without it. For another, you cannot do ITSM without understanding cyber security. Okay, you can do it, but not well, and speaking in absolutes is more dramatic. Most important of all, it is hard to make smart decisions without understanding cyber security, so you wind up on the sidelines in any conversation about it, just like you are now when it comes to that show you don’t watch that everyone else does.

Now, let’s look at the ways in which you can build your cyber security knowledge through certification. There are three main options, each with its own strengths and qualifications. You could take one, or you could take all three and feel a sense of omniscience. It’s up to you. The question is: Where to start? Let’s break them down in a way that any non-dragon can understand:


Security+

This is a particularly good one to start with because it helps you build a strong knowledge base. There is a 90-question multiple-choice and performance-based exam that runs through scenarios so you can demonstrate you know what you’re doing. But given that this certification is for those who have two years’ experience in security, we assume you know what you are doing. You do, right?


Certified Information Systems Security Professional (CISSP)

This certification is for those who have a management focus in their responsibilities, like a security auditor or assessor. Naturally, it has more stringent requirements: you must have five years’ experience in two or more CISSP domains and put your skills to the test in a six-hour, 250-question multiple-choice examapalooza! It’s daunting. It’s a doozy. So maybe stay hydrated.

Certified Ethical Hacker (CEH)

Now this one is a real next-level certification, as in it is geared to serious security pros performing tasks like security assessments, penetration testing, and hands-on network or system administration. Essentially, if you develop and test technology to verify your systems, this is for you. The exam is a four-hour feast of 125 multiple-choice questions and you need a 70% score to pass, but you can do it. I believe in you.

As you can see, you probably do not want to take all three exams at once, unless you have found a way to give up sleep without passing out. If you are relatively new to all things cyber security, start with Security+ to pick up the core concepts and then take on CISSP if your focus is on policies and procedures, or CEH if you are doing hands-on security work or managing an IT team.  

All of which is to say, it’s time to get certified once, or twice, or even three times. After all, you can never be too secure.
