Posted by Trevor Boland

With more than 250 different certifications available, it’s daunting for it professionals, both in terms of choosing which cert to obtain, as well as deciding which would be best suited for your employees. The federal government is feeling the pressure too. The Center for Strategic and International Studies found that, in 2010, there were only 1000 people with skills to meet the cyber defensive needs. This is in stark contrast to the needed 10k-30k. While the most commonly accepted reasons are valid (lack in interested in STEM majors, poor salaries compared to private sector, and complex security clearance processes), another reason is the general confusion when it comes to certifications. That’s why the National Initiative for Cyber Security Education is attempting to create a guide to help hiring managers find the competencies required for their positions.
The study, being performed by C3 along with the University of Maryland will attempt to measure the value of particular certifications based not only on the time and effort required to get it but also the employers who will need it.

Of course, according to executive director of (ISC)2 W. Hord Tipton, as reported by SC Magazine, reports their accreditations are not suffering. Just in December of last year (2011) 3,700 exams where taken and those successful (about half) can expect to make an average of $98k annually as opposed to $78k without.

So, until the study is completed with the comprehensive certification values, which certifications should you attempt to fill your staff with? According to a report by WebWire you should aim for CompTIA Security+, CISSP and CEH. All three of these certifications show a comprehensive knowledge of cyber security. CISSP requires 5 years of security experience and covers 10 areas, while the CEH (Certified Ethical Hacker) covers “19 modules focusing on subjects like viruses and session hijacking.”

About the Author: Trevor is a staff writer for the iEntry Network.