Gosh. That’s a bit like asking, where is the best place to live, or what is the best food on the planet? So, rather than kick the ass out of this let’s just say one thing: all InfoSec and Cybersecurity Certifications are good. We do NOT get involved in any form of discussion about wether Certifications are worth it but what we will always stipulate is that any effort that you make in bettering yourself must be congratulated.
Update! This post was written way back and a lot has changed since then. We’ve interviewed dozens of Cybersecurity Professionals that are either Penetration Testers or Cybersecurity Analysts (go ahead an click those links to see their advice). The reason why we bring that to your attention is because these folk lend advice on what Cyber Certifications they actually needed and took to get where they are, in other words, you’ll get advice from real people in real jobs and therefore their advice is and will always remain invaluable.
Bit Of Histing To This Post: When we first published this post it was titled: “The Top 9 Cybersecurity Certifications” because, literally, back then there were only really nine ‘major certs’ that we could think of and in fact the list below (which is the original) is still spot-on.
Unless otherwise stated these certifications are assessed by multiple choice and they require continuing education with the notable exception of the OSCP Certification. We are biased. Our favorite of these certs is the OSCP created and assessed by the fine folks over at Offensive Security, the creators of Kali Linux (the Linux Hacking Distro). For our reasons we love the OSCP and to hear from Cybersecurity Professionals who have taken this Penetration Testing Cert hit this link.
The Certs that are missing from our above list are the following: CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), GSEC (GIAC Security Essentials Certification), CRISC (Certified in Risk and Information Systems Control) and SSCP (Systems Security Certified Practitioner).