If you’re taking a breather from Daredevil Born Again, like I am, you’ve come to the right place.
Now, let’s get into it.
To Cert or not to Cert? That is the question.
I have no issues with getting certifications in Cybersecurity. (Although some people do)
I think they are a great way to baseline your knowledge AND prove that you have the requisite knowledge needed for an exam and possibly the role.
If you are newer to the field then getting a few certifications under your belt will definitely help.
That being said, the saying goes: “Certs will get you the interview, but skills will get you the job.”
In other words, certifications can help you land the interview but ultimately you will have to pass those rounds to be able to land the job.
The problem here is when people start churning certifications and thinking this is the ultimate path to get in the field or for career growth.
If I am interviewing someone for a role, see their resume, and see 5+ certs in a very short span of time, it raises some eyebrows. (Mainly if they are entry-level certs)
Ask anyone who has conducted interviews at scale about this point.
It could point to an abundance of theory and a lack of practical knowledge, (and cert dumps are common nowadays), not to mention GenAI here.
If you are pursuing a certification, then you have probably heard of the CompTIA, SANS, AWS, and GCP certification bodies.
All of these differ in what they are aiming for, but we’ll briefly discuss what they look like.
CompTIA Security+
The CompTIA Security+ certification is an entry-level certification that is for professionals who are newer to the cybersecurity field.
Many DoD jobs will require this one.
The certification covers essential cybersecurity concepts, such as network security, governance, risk, and compliance, threats and vulnerabilities, access control, and identity management.
The exam consists of 90 multiple-choice questions over 90 minutes, and candidates must achieve a score of 750 or higher to pass the exam.
AWS Certifications
These certifications cover essential AWS cloud concepts, including AWS core services, security, pricing, and support.
The AWS Cloud Practitioner is their entry-level cert.
For the exam, candidates must have at least six months of AWS cloud experience.
The exam consists of 65 multiple-choice and multiple-response questions, with a passing score of 700 or higher.
This was an overview of some of the most pursued certifications in the field, such as Solutions Architect, Developer, and so forth.
GIAC Security Essentials (GSEC)
The GSEC certification, and the SANS certs in general, are sought after in the field.
The certification covers essential security concepts, including access control, networking, cryptography, and risk management.
To qualify for the exam, candidates must complete a training course or have at least one year of work experience in the field.
The GSEC exam consists of 180 multiple-choice questions, and a score of 73% or higher is required to pass the exam.
Note: I would recommend pursuing this certification only if your employer/school is covering the cost due to $$$
However, if you already have some certs, then instead of only focusing on the next one, focus on the following skills.
Problem-Solving
No certification is going to prepare you for some of the non-technical challenges you will face on the job.
From management who might be too far removed from the hands-on work, to budget cuts ... you need to have the skills necessary to succeed in these environments. Being able to do more with less.
Cybersecurity often requires you to deal with unexpected and unique types of problems that a certification will not cover. You will oftentimes be in uncharted waters.
Having a growth mindset that helps you to see problems as learning opportunities will be a great enabler.
Problem solving improves with practice and is a skill that you need to develop over time.
You can use frameworks like the 5 Whys that can give you a structured approach to problem solving and start applying them to Cybersecurity problems.
Another tactical thing you can do is check out operator-run newsletters.
These offer more real-time and accessible knowledge to readers than most books, although I recommend books as well.
Think about it, you’re getting weekly (or some other cadence) posts about something practical in the field you want to learn more about, from people doing the thing.
See how they approach problems and challenges.
Here are some examples of newsletters to check out:
Cyberwox Unplugged
For practical Cybersecurity and career learnings
The Cybersecurity Pulse
For security startup market news and coverage
Communication skills
Easily one of the biggest issues with Cybersecurity professionals starting out is their lack of communication skills.
Certifications probably won’t teach you how to explain technical issues to non-technical people. It is crucial to be able to articulate these problems in a way anyone can understand.
If you can only explain the technical pieces to an engineer, or you can only explain at a very high level for management, then you will only get so far.
When you have to write a project plan or a post-mortem review, you will need to be able to communicate this to different audiences and adjust accordingly.
If you can effectively communicate verbally, AND through writing, you’re going to be okay. The technical skills will come.
Learning Skills
Security and privacy risks are evolving at a fast pace and certifications won’t always be up to date.
Whether it be Cloud Security, detection writing, or automation, there is always something else to learn in this field.
Being able to continuously learn and re-learn is an important skill.
When enough years pass, you’ll realize the way you used to do things looks very different from how you do them now.
Again, there is no issue with studying and getting certs, it’s just the continuous churning of them that might cost you in the long run.
There are plenty of subreddits and forums that go deep into this topic, and whether it is mostly good or bad, I’ll leave that up to your discretion.
What I Read This Week
560,000 People Impacted Across Four Healthcare Data Breaches
Healthcare has had a rough start this year.
Camera off: Akira deploys ransomware via webcam
A wild story, to say the least.
SANS Linux IR Threat Hunting Poster
This cheat sheet highlights key artifacts related to common attacks, with tools and techniques for investigation.
Wrapping Up
In the end, it’s an individual decision, and an investment, if you want to focus your time on pursuing certifications.
Remember, certs can get you the interview, but skills will get you past the interview.
Hope this helps in your decision making about where to place your focus.