Look at any current cybersecurity professional’s inbox, and you’ll see that there’s no lack of positions available. Estimates from Cyberseek run over 750,000 unfilled roles in the United States, which means the right opportunity is available for the right candidate.
One way to stand out is through certifications. But how do you sort through the myriad options to decide which path to take?
Think about what area you are most drawn to. Are you passionate about writing? Do you have excellent attention to detail? Do you prefer the technical to the policy? Do you stay up late working out risk scenarios in your head?
Once you determine where you want to go, here are some of the best certifications to get noticed – and hired – this year.
1. (ISC)2 Certified in Cybersecurity
In 2022, (ISC)2 announced this new beginner certification, which provides the fundamentals of cybersecurity to help participants achieve their first role in the field. (ISC)2 has committed to giving away one million free certifications and training on this path to allow more individuals to “see themselves in cybersecurity.”
While it’s a new program, this is a great way to show commitment to the cybersecurity field. If you’re just starting to explore where you want to go in cyber, this is a great first step.
2. ISACA CISA (Certified Information Systems Auditor)
As more companies look at vendor risk management and compliance with security controls at their third parties, auditing will definitely be on the rise, and auditors will be in high demand. This certification also gives a great overview of controls and what’s expected for evidence and compliance with controls, and it can lead to bigger careers in Governance, Risk and Compliance (GRC). GRC roles tend to appeal to folks who enjoy writing, can see the bigger picture, and have good attention to detail.
3. ISACA CRISC (Certified in Risk and Information Systems Control)
Understanding information security controls, risk frameworks, and how to determine risk is imperative for every cybersecurity professional. This certification doesn’t require the same time commitment as many other experience-based certifications (three years compared to five for several other ISACA credentials), but it provides exceptional foundational information on risk, compliance frameworks, and building a risk management process and program. This certification is beneficial for all professionals, at any stage in their careers.
4. IAPP Privacy certifications
Privacy is a newer kid on the block, but it’s no less important and increasingly in demand as more localities inside and outside the United States take up privacy regulations.
Privacy is getting into the certification game and many businesses are starting to see more requirements around understanding what data they have, where it sits, and who owns it.
IAPP offers three certifications that are valuable to someone getting into privacy, depending on what they want to do – regulation, operations, or management. Privacy can run the gamut of avenues, with tie-ins to cybersecurity, risk management and governance, so dig into what you are most interested in and follow the certification from there.
5. SANS Global Industrial Cyber Security Professional (GICSP)
Utilities, manufacturing, and medicine are among the many fields that rely on industrial control systems for day-to-day operations.
Many of these systems were never anticipated to last as long as they have, let alone be connected to the internet. With critical infrastructure being high on the Cybersecurity and Infrastructure Security Agency’s list of programs to protect, industrial control systems security and support is in high demand. This certification from SANS gives you the understanding and the tools to help support these environments, even as they develop and expand.
6. (ISC)2 CCSP (Certified Cloud Security Professional)
While both Microsoft and Amazon have individual technical certifications for their cloud programs (as do Google, Oracle, and others), this certification from (ISC)2 provides understanding around clouds in general, teaching participants to design, develop, and protect different cloud environments and provide the best-in-class service for them.
As cloud applications become standard, expect more demand for individuals who understand how clouds work and how they need to be protected, beyond just the technical requirements of individual providers.
When considering any certification or training path, remember that most require renewal fees. Additionally, some may require a certain amount of time in the field (for example, the CISA requires five years of experience in auditing, assurance, or some area of security). Furthermore, nearly all certifications have continuing professional education requirements, with most organizations offering plenty of opportunities to earn those CPE hours (or you can get another certification to meet the requirement).
Should you decide to take on any of these in-demand certifications in 2023, I wish you good studying and good luck on the exam!