Cyberattacks continue to be a thorn in the side of organizations around the world, and there is really no sign of a slowdown in ransomware and other cyberattacks.
If you’re in the IT field, chances are you have a working knowledge of cybersecurity standards and can build, maintain, manager and monitor a secure network. However, cybercriminals are becoming more adept at finding ways around those safeguards and firewalls you put in place.
To bolster your knowledge and pad the resumes of you and your staff, here are some intermediate-level cybersecurity certifications you should consider pursuing, per the U.S. Cybersecurity and Infrastructure Security Agency’s Workforce Training Guide.
Some of these certifications require prerequisites, so be sure to check out each individual offering.
- Certificate of Cloud Security Knowledge. This certification comes from the Cloud Security Alliance and gives IT pros a “cohesive and vendor-neutral understanding” of cloud-based data security.
- GIAC Certified Forensic Examiner (GCFE). Administered by the Global Information Assurance Certification (GIAC), this certification gives professionals a way to demonstrate that they have the skills, knowledge and ability to conduct incident investigations and conduct computer forensic analysis.
- Certified Incident Handler (GCIH). This certification also from GIAC provides proof that an IT pro can detect, respond and resolve computer security incidents using a wide range of security skills and knowledge of attack techniques.
- Global Industrial Cyber Security Professional (GICSP). Another certification from GIAC assesses a base level of knowledge and understanding across a diverse set of professionals who engineer or support control systems and share responsibility for the security of these environments.
- Information Security Professional (GISP). Another GIAC certification validates an IT pros knowledge o the eight domains of cybersecurity knowledge as determined by (ISC)2, including asset security, communications and network security, identity and access management, security and risk management, security assessment and testing, security engineering, security operation and software development security.
- Certified Identity and Access Management (CIAM). This vendor-neutral certification administered by the Identity Management Institute and ensures competency in managing user identities and access to enterprise resources and data.
- Certified in Risk and Information Systems Control (CRISC). This certification from ISACA ensures IT pros are experts building a well-defined, agile risk-management program based on best practices to identify, evaluate, assess, prioritize and respond to risks.
- Certified Systems Engineering Professional (CSEP). The CSEP from the International Council on Systems Engineering recognizes systems engineers who have demonstrated knowledge and experience in systems engineering.
- Cisco Certified Network Professional – Routing and Switching and Professional Security. (CCNP). This certification from IT infrastructure giant Cisco validates an IT pros ability to plan, implement, verify and troubleshoot local and wide-area enterprise networks and work collaboratively with specialists on advanced security, voice, wireless and video solutions. The company also offers a three-year certification program for Cisco network security engineers who have the necessary sills to test, deploy, configure, maintain and troubleshoot the Cisco network security appliances and Cisco IOS software devices that establish the security posture of the network.
- Juniper Networks Certified Internet Specialist Security (JNCISSEC). Offered by Juniper Networks, this certification demonstrates a thorough understanding of security technology in general and Junos OS software for SRX devices.
- Microsoft Certified Solutions Expert (MCSE). This certification from IT giant Microsoft has 12 different specialty areas, including cloud platform and infrastructure, data management and analytics, productivity, server infrastructure, private cloud, enterprise devices and apps, data platform, business intelligence, messaging, communication and SharePoint.
- Offensive Security Certified Professional (OSCP). Offensive Security offers this hands-on penetration testing certification to ensure IT and cyber pros can successfully attack and penetrate various live machines in a safe lab environment.
- Offensive Security Experienced Penetration Tester (OSEP). This advanced penetration testing course from Offensive Security builds on the previous certification by teaching students to perform advanced penetration tests against mature organizations with an established security function.
- Offensive Security Exploit Developer (OSED). Another certification from Offensive Security teaches students the fundamentals of modern exploit development, including basic buffer overflow attacks to cracking critical security mitigations protecting enterprises.
- Professional Certified Investigator (PCI). This certification from ASIS International confirms an IT pro’s skills in security investigations, including case evaluation, review of options for case management strategies, surveillance, interviews and interrogations.
- Red Hat Certified System Administrator (RHCSA). Red Hat issues this certification to IT professionals who demonstrate the ability to perform core system admin skills required in Red hat Enterprise Linux environments.
- RSA Archer Certified Administrator (RSA Archer CA). This certification from RSA confirms an IT pro has experience as an IT administrator, business analyst of project manager within an organization and can perform integration and configuration management of the product and administer security.
- RSA Security Analytics Certified Administrator. Another RSA certification, the RSA Security Analytics CA certifies that an IT pro has general awareness of the functions and capabilities of the product, configuration and management of the product and monitoring and troubleshooting product operation.
- Tenable Certified Nessus Auditor (TCNA). With this certification from Tenable, IT pros certify that they have an in-depth knowledge of the Nessus vulnerability scanner and the underlying technical concepts.
- Tenable Certified Passive Vulnerability Scanner Auditor (TCPA). This certification from Tenable is designed for IT security analysts, security consultants or auditors who want to use the features available with Nessus and SecurityCenter users that wish to gain an in-depth understanding of Nessus vulnerability scanning.
According to a recent report, the number of ransomware attacks analyzed has increased by 288% between January-March 2021 and April-June 2021, which was even before the devastating rEvil attack that leveraged the Kaseya VSA product and a network of managed service providers.
Hackers are always improving their techniques to find ways into your systems, so you should likewise further your education and improve your ability to stop those attacks.