
As the privacy industry matures, we’re seeing more privacy and security jobs seeking professionals who have cybersecurity certifications.
In this post, we provide an overview of some of the most recognised cybersecurity certifications in Australia, including information about prerequisites and where they can take your career.
Offered by (ISC)², the CISSP certification is perhaps the most recognized cybersecurity certification. It focuses on various aspects of information security, including risk management, cryptography, security operations, and more. The CISSP certification is broadly considered to be quite technical (more technical than the CISM, for example), but it is aimed at security managers.
Specifically, the course covers:
Typical CISSP Candidates are professionals with at least 5 years of information security experience, including:
To gain the certification you must pass the exam (which is challenging), sign up to the code of ethics and complete an application form that includes details of your experience to demonstrate how you meet the practical experience requirement. More information about the practical experience requirements can be found here.
Offered by ISACA, the CISM certification is designed for professionals in IT governance and management, focusing on security strategy, risk management, incident management, and program development. Typically, CISM test-takers are required to have five or more years of experience in information security management before taking the exam, though experience waivers may be provided for up to two years.
The CISM is considered to be a fairly practical cyber security course, with ISACA’s website outlining that 70% of CISM-certified professionals experienced on-the-job improvement (and 42% reported a pay boost).
It is geared towards security professionals who design and manage organisational information security programs and includes a focus on linking that program to the broader business goals. As a result, it tends to be favoured by IT professionals looking to make the move to management.
The CISM body of knowledge is based on four domains:
Also provided by ISACA, the CISA certification validates expertise in auditing, controlling, and assessing information systems. It focuses on auditing processes, governance, and information system protection. Typically, CISA test-takers have five or more years of experience in information security management before taking the exam, though experience waivers may be provided for up to three years.
Specifically, the CISA exam covers the following domains:
The CISA certification is beneficial for security professionals looking to advance in the following areas:
More information about the certification is available here.
This vendor-neutral certification from CompTIA covers foundational knowledge of network security, compliance, operational security, threats, and vulnerabilities. It serves as a starting point for many professionals entering the information security field in entry-level roles.
It is a good starting point for individuals looking to start working in:
There are no mandatory prerequisites for the CompTIA Security+ certification, but CompTIA recommends completing their Network+ certification and getting two years of IT administration experience under your belt before taking the exam.
Offered by the Global Information Assurance Certification (GIAC) program, the GSEC certification covers fundamental security knowledge. This cybersecurity certification is vendor-neutral and provides a basic overview of the key concepts required to work in an entry-level cybersecurity position.
The GSEC certification covers (amongst other things):
There are no mandatory prerequisites; however, the GIAC recommends some background in networking and information systems.
The OSCP certification, offered by Offensive Security, is highly regarded in the field of penetration testing. It requires candidates to pass a hands-on exam by exploiting various systems and providing comprehensive reports. It is considered to be more technically difficult to obtain than other penetration testing certifications.
To take the OSCP, you must have a solid understanding of TCP/IP networking, alongside reasonable experience and understanding of Windows and Linux administration and Bash and/or Python scripting.
Provided by the International Council of E-Commerce Consultants (EC-Council), the CEH certification validates skills in identifying vulnerabilities and weaknesses in computer systems through ethical hacking techniques. It is for industry professionals looking to work in penetration testing.
The EC-Council recommends gaining at least two years' experience working as an IT professional before taking the CEH certification exam. However, in lieu of experience, budding security professionals can choose to take the EC-Council’s free Cyber Security Essentials Training.
The CEH certification requires test takers to demonstrate the following knowledge:
Privacy 108 can offer training for your team in some of the most popular privacy and cybersecurity certifications. Contact us for more information.