Sooner or later, most cyber security professionals will discover that it’s not enough to have only one relevant qualification.
There’s simply no single certification that covers everything. This is a diverse industry, after all, requiring broad coverage.
Most qualifications, however valuable they are, will specialise in just one of those areas. This is why having a strategy surrounding your certifications is crucial. With the right combination you can shape yourself into a well-rounded, exceptionally well-informed professional, you can also ensure your CV truly stands out.
At ALC Training, we firmly believe in giving you the broadest and best possible education. Here’s a comprehensive list of the best qualification combinations to pursue, and those to avoid too.
Certification Stacks – Your Winning Combinations
ALC Training specialises in a broad range of qualifications with Cyber Security being one of our specialties and, over the years, we’ve seen certain combinations be proven to work time and again. Below, we’ve outlined some of the most popular cyber security career paths, and outlined which combinations you should pursue in each case.
Security Architect
Combination: SABSA + CISSP
Whether you want to specifically be a Security Architect, or target a role as an Enterprise Security Designer or Senior Security Consultant, the SABSA + CISSP combination is perfect for you.
The SABSA Foundation provides you with a business-driven cyber security architecture framework. The CISSP certification then supplies you with a broader, cross-domain cyber security knowledge. Between them, they give you an excellent blend of strategic and design-level understanding, with more micro-orientated implementation skills.
Security Manager/Leader
Combination: CISSP + CISM
While specific job titles might vary, roles like these involve overseeing an organisation’s cyber security program, which entails the management of risk and governance, and communicating with the individuals you work with.
CISSP has long been seen as the gold standard in security qualifications, and remains one of our most popular offerings. It will give you a broad overview of the technical side of cyber security.
CISM, meanwhile, focuses more on leadership, governance and risk management.
This combination works because it represents the perfect balance between technical understanding (via CISSP), and management capability (through CISM).
Risk and Audit Professional
Combination: CISA + CISM
Being a Risk and Audit Professional is largely about identifying and reporting security risks, assessing compliance, and – on a related note – supporting governance and assurance.
We see the CISA qualification as the globally-accepted standard of achievement among IS audit professionals. It will give you all the technical skills and practices you need to form the perfect building blocks for success in the auditing field.
Gaining your CISM credential takes you to the next level, adding one of the most prestigious InfoSec qualifications in the world to your resume. Having built that strong foundation, CISM will give you a broader perspective on security risk management.
This pair of certifications, therefore, will give you both the micro-level technical skills, and the enterprise-level oversight capabilities you need to succeed.
Cloud Security Specialist
Combination: CCSP + CISSP
Cloud Security Specialists are responsible for securing cloud data and platforms. They might need to design cloud security architecture themselves, along with managing cloud sharing and ensuring compliance.
CCSP gives you a thorough understanding of both the security risks and mitigation strategies which are critical to cloud data security. That might sound overwhelming, but our 5-day course covers all six requisite domains, clearly and comprehensively. As noted earlier, CISSP then layers the more foundational security knowledge on top, giving you a broader understanding.
Between these two qualifications, you’ll not only become an expert in cloud-specific security, but make yourself into a well-rounded cyber security professional too.
IT Operations —> Cyber
Combination: ITIL + CISSP
IT Operations is a fairly broad field, which generally involves managing and/or supporting operational IT services. Eventually moving from this into cyber security is a popular path, not least because the latter can be quite lucrative in the long-term.
Your ITIL certification will give you the strong, basic understanding you require in order to succeed in IT Service Management and operations. The CISSP certification provides the perfect transition from there into cyber security, teaching you the enterprise-wide security principles you need to succeed.
Adjusting your career once it’s already underway is certainly a challenge. With this combination, however, you’ll not only ease into that adjustment, but give yourself a better chance of success.
Project Governance
Combination: PRINCE2 + CISSP/CISM
This is another fairly broad field. Typically, however, it will see you managing not only governance, but also risk, and even the expectations of stakeholders. Along the way, you’ll also need to ensure security is embedded in that delivery.
PRINCE2 is an enormously popular project management methodology, for which we offer both Foundation and Practitioner courses. A PRINCE2 certification gives you a brilliant, broad overview of project delivery, teaching you how to keep those projects both on-time and on-budget.
Adding either CISSP or CISM on top of this will help focus you back on cyber security. As mentioned, both will give you a fantastic grounding in security and risk.
This combination really does make you the consummate all-rounder. You’ll be able to offer not only the strategic framework for success, but the technical skills and knowledge required to actually deliver.
Combinations to Avoid
In an ideal world, you’d simply gain as many qualifications as you possibly could. Doing so does cost time and money, however, so you need to be selective in which you target.
That’s why it’s important to avoid the combinations which simply don’t synergise. No certifications will be useless on their own – you’ll always learn something valuable. Certain mixtures, however, are less worthwhile than others.
For example, you might get two more technically-focused qualifications. That will obviously make you an expert in those fields, but your time could be better spent doing one more specific course, and one that gives you a broader understanding of cyber security.
Generally speaking, the key here is to strategise. Identify which role you’re targeting then, be selective about the qualifications you pursue, and build a security certification roadmap, rather than flitting between both certifications and cyber security paths.
Strategising for Success
The best way to succeed in cyber security is to think long-term, and be strategic and intentional. This is exactly the kind of thinking you should apply to the qualifications you target too.
No single one of these certificates will cover every domain. The right combination, however, can reinforce your strengths, improve your weaknesses, and open exciting new career possibilities within cyber security.
Getting expert help is a sure fire way to speed up this journey, give yourself the best chance of success during the exams, and generally ensure you’re getting the highest possible level of learning. At ALC Training we can provide all of that and more, giving you the teaching and guidance you need to succeed in any of the combinations covered here.