(ISC)² Plans Entry-Level Certification for Aspiring Security Pros

  /     /     /  
Publicated : 23/11/2024   Category : security

(ISC)² Plans Entry-Level Certification for Aspiring Security Pros


The certification aims to help new entrants to the security field with professional development and career paths early on.


(ISC)² today announced plans to pilot a new entry-level cybersecurity certification exam to add its existing lineup of professional certifications and provide aspiring security practitioners with a professional development path early in their infosec careers.
Officials describe the new qualification as a foundational certification that will also play a role in helping businesses, educators, and governments bring more security pros into the workforce. An entry-level certification will help to narrow the gap that currently exists between entering the security industry and being able to verify and advance skills through industry qualifications.
Organizations have long been challenged to find qualified security practitioners for a growing number of open positions. There are several factors driving the problem, among them a disconnect between employers seeking specific skills and the job candidates who have those skills. (ISC)² believes an entry-level certification is one solution to help address the issue.
While there are many contributing factors, we believe one solution is to create a certification that enables candidates — including students, young professionals, and career changers — to demonstrate to employers their familiarity with foundational cybersecurity concepts as determined by cybersecurity professionals and practitioners already in the field, (ISC)²
writes
.
There is a need for a security certification that is both accessible to newcomers and recognizes many people want to transition into cybersecurity roles but dont have direct experience in. Recent (ISC)² data
reveals
half of security practitioners new to the field (with less than three years experience) came from an IT background, compared with 63% of those with three to seven years experience. A certification might help entrants demonstrate their skills without years of experience or a degree.
Employers need confidence that when hiring new entrants into the field that they have a solid grasp of the right technical concepts and have demonstrated an aptitude to learn on the job, (ISC)² says.
Entry-level security positions often require certifications like the CISSP, which is unrealistic for entry-level applicants because it requires five years of experience. As a result, many of these open positions remain vacant and aspiring security pros have fewer options to get a start in the field.
How can this certification help industry newbies demonstrate theyre ready to take on a security job? Thats still in the works, (ISC)² says. The organization is seeking input from the security community to develop a pilot exam outline and has published a
survey
to help validate core skills and abilities security practitioners think are necessary for early-career professionals.
(ISC)² has not yet announced a publication or testing date for the pilot exam.
Bridging the Employer-Employee Gap
In a panel at this weeks virtual (ISC)² Security Congress, experts discussed the challenges of hiring in todays security workforce. The obstacles for aspiring security pros often depend on where they apply. Some organizations, such as larger corporations and government agencies, still require advanced degrees but many, especially small and midsized businesses, are starting to place more value on experience than degrees, said Rodney McLeod, CEO of McLeod Information Systems.
Still, he added, it takes a good amount of work to prepare for an entry-level security role and tech experience does help.
Entry-level cybersecurity … you still have to have a lot of knowledge to be entry level, McLeod said. You cant be, in my opinion, a two-year college student and jump right into entry-level cybersecurity.
He advised those looking to get started in security to seek out opportunities to build that knowledge; for example, with a help desk or IT support role for a larger organization. Once they have their foot in the door, they can work hard and communicate with the security team to demonstrate they understand security and theyre willing to work their way up to a position.
Its this willingness, combined with the aptitude for critical thinking and troubleshooting, that can also set entry-level practitioners apart, McLeod added. If you have someone with that natural ability in some other field, theyll come over real easily, he said.
This idea
has been echoed
among security experts across the field: in a discipline that is quickly and constantly changing, whats important is knowing the fundamentals and being motivated to stay on top of the issues businesses face and the technologies they use. Employers are encouraged to be more open-minded when hiring new security pros. They dont just need skilled hackers; they need people who can think critically and solve complicate problems.

Last News

▸ ArcSight prepares for future at user conference post HP acquisition. ◂
Discovered: 07/01/2025
Category: security
▸ Samsung Epic 4G: First To Use Media Hub ◂
Discovered: 07/01/2025
Category: security
▸ Many third-party software fails security tests ◂
Discovered: 07/01/2025
Category: security


Cyber Security Categories
Google Dorks Database
 		Exploits Vulnerability
 		Exploit Shellcodes

CVE List
 		Tools/Apps
 		News/Aarticles

Phishing Database
 		Deepfake Detection
 		Trends/Statistics & Live Infos



Tags:
(ISC)² Plans Entry-Level Certification for Aspiring Security Pros