Are Cybersecurity Certifications Dead In 2024 ??
My opinion on the current state of Cybersecurity certifications
“ I am interested in getting into Cybersecurity .. How many certs do I need ?”
This is a common question I get asked when I help people out in Cybersecurity.
I resist the urge to facepalm every time.
Let me be clear .. this article is NOT about bashing Cybersecurity certifications
I believe certs are an important way to baseline your knowledge and demonstrate you have done the minimum level of work needed for a position
BUT
They are no longer a guaranteed ticket to landing a job
Getting the CISSP or CISA or CISM is an amazing achievement .. but they no longer make you stand out
Becoming a “Cert Factory,” i.e., doing one cert after another, will only waste your time and money
As someone who has reviewed thousands of resumes .. too many certs on your CV start to blur together after a while
To land that Cybersecurity job .. you need to stack two things on top of that cert:
Practical hands-on skills
A Strong Personal Brand
1 — Practical Hands-On Skills
Given the number of cybersecurity issues that keep cropping up regularly, companies no longer want people with book knowledge from a CISSP prep guide.
They want people who can demonstrate their ability to handle real-world security challenges.
This means getting your hands dirty with actual tools and technologies used in the industry.
You can participate in Capture the Flag (CTF) competitions, contribute to open-source security projects, or set up your lab environment to practice.
These activities build your skills and show potential employers that you can apply your knowledge in practical scenarios.
Check out this recent article of mine which is focused on Cloud Security but can be applied to any Cybersecurity field
2 — A Strong Personal Brand
A strong personal brand is more than just having a polished LinkedIn profile.
It’s about showcasing your expertise, sharing your insights, and building a reputation in the cybersecurity community.
I have written about this many, many times, but here are some ways to build your brand:
Blogging: Start a blog or newsletter where you write about your experiences, challenges, and learnings in cybersecurity. This demonstrates your knowledge and passion for the field.
Teaching: Share your knowledge via YouTube videos or Udemy courses. Teaching what you know publicly helps establish you as a thought leader plus makes you stand out from other professionals.
So .. Are Cybersecurity Certifications Dead?
The answer is no, but their role has evolved.
They are no longer the golden ticket they once were.
Certifications alone won’t make you stand out in a crowded job market. You need to complement them with practical experience and a strong personal brand.
Relying solely on certifications is a strategy of the past.
Use them as milestones rather than endpoints.
They should be part of your broader learning strategy.
Good luck on your journey!