Diving a little deeper
Previously, I've written about the value of cyber security degrees and wanted to dive a little deeper into this topic. Lately, I have had a series of conversations on this topic. The opinion I've formed on the subject seems to represent a large consensus.Many jobs in cyber security require people to have a certification. Or, at least, a cert will help back up a skill set. They're helpful in getting many of the jobs are out there. Penetration testing, malware analysis, web application security, mobile security and so on, are all jobs that are commonly given to people who have certifications.If someone has a job in these areas, and does not hold a certification, they are likely very experienced in that field or they have proven themselves in other ways. Besides helping you land a certain, different type of job, certifications also play a role in helping people advance within a current category.For example, someone with a CompTIA Security+ certification
, could reasonably expect to move into a penetration testing
role, if they achieve a Certified Ethical Hacker certification
. This is a generalization, but the point is, certification will help move you up the ladder on a path to a penetration testing career
. So, where do cyber security degrees fit into the cyber jobs ecosystem?
I recently had a conversation with a local friend named Joe Deal. Joe operates a website called CyberDegrees.org. This website is a resource to people who are looking to find the best fit for a cyber security degree provider, or a directory of cyber security degree providers of sorts. In our conversation, Joe and I discussed how cyber security degrees often set people up better for cyber security leadership positions. In other words, cyber security professionals working at a lower level in their organization are more often moved up the corporate ladder when they possess or obtain a degree specific to the field.Another way in which cyber security degrees play a role in the industry is via Governance, Risk and Compliance (GRC) careers. GRC jobs, on average, tend to be a bit more business focused, versus cyber technical focused. Topics like risk management, regulation and even finance play a significant role in these types of jobs. Generally, cyber security degrees, given their theoretical nature, really do an excellent job preparing people for careers like these. In summary
It seems clear to me that certifications have their direct purpose in the cyber security industry, but so do cyber security degree programs. Depending on what your career goals are, one path may be more relevant than another.