So, you decided that it’s a good idea to get a cybersecurity certification. But which one should you go for?
While obtaining a certification is quite an endeavor, that’s only the first step. To keep it active, you’ll have to pay annual fees and submit continuous education units based on the issuers’ requirements. Otherwise, your hard-earned credential will expire, and it will be forbidden and unethical to introduce yourself as a certification holder by listing it in your CV or profile headline.
All providers on this list are well-recognized, and you can’t go wrong choosing any of them. It becomes a matter of personal preference, and you should treat it like building a relationship - you’re staying with them for years to come.
Is this provider someone you want to start a relationship with?
How well do you like them? Could you satisfy their demands in the first place? And what do they expect from you going forward?
In this article, we’ll look at the most established infosec and cybersecurity certification providers, learn a few tidbits about them, and see what kind of requirements they have for obtaining and maintaining a credential.
Points of analysis
For each certification provider, I looked at the following:
Interesting fact. Did you know this curious detail about the organization?
Certification areas. Main areas the provider operates in. They often have some offerings in other areas, like Agile or Project Management.
Best known for. A certification name that comes up the most. An abbreviation people often encounter even before they learn who the issuer is.
Requirements and price. Are they providing clear information on their website? Is it easy to find the exam prerequisites? Is the price listed on the exam page, accessible in a single click, or do you have to use a search engine to find it (and still only find it in the reviews but not the official site)?
Experience. Do you need confirmed professional experience to apply for the exam?
Maintenance fee. Once you’ve obtained the certification, how much will it cost you to keep it active?
An organization that has the longest roots, going all the way back to 1967. It became apparent that there was a need for a centralized source of information and guidance in the field of auditing controls in computer systems. In 1969, the group involved incorporated an association that later became the Information Systems Audit and Control Association.
Interesting fact. The logo with rotating circles was introduced in 2020, as a part of refreshing the organization’s digital presence. It symbolizes agility and momentum that enable confidence in the face of change. (I also feel the fact that it looks like an eye chart means a clear and focused vision of the future.)
Certification areas. System Auditing, Cybersecurity
Best known for. CISM (Certified Information Security Manager), CSX-P (Cybersecurity Practitioner Certification)
Requirements and price. The information is clearly laid out on the exam page, or easily accessible from there.
The pricing is on most of the exam pages, but it is written on an image. It could be overlooked if you scan the text, and it can’t be found on the official website if you google the price.
Experience. ISACA doesn’t have experience requirements - you can register and take the exam whenever you feel ready.
Maintenance fees. ISACA’s annual fee per certification is $45 for members and $85 for non-members. Membership: $135/year base fee, plus the chapter dues.
Back in 1973, 8 professional computer societies established the Institute for Certification of Computing Professionals to promote certification and professionalism in the industry.
Interesting fact. It was ICCP that created the Systems Security Exam for the Information Systems Security (ISC) organization. That exam is now the “Cyber Security Examination”, and the organization became the (ISC)2 we know today.
Certification areas. Cybersecurity, Data Science, Blockchain, Software Engineering, IT management.
Best known for. CDP (Certified Data Professional)
Requirements and price. The requirements and certification levels are laid out on each exam page, as well as in a single sheet that can be accessed straight from the main menu.
The pricing structure is easily accessible and flat. There are three types of exams – Foundation, Professional, and Programming Languages. The voucher for each type costs the same, no matter which exam you choose.
Experience. All but the Foundational-level certifications require 2-5 years of confirmed work experience.
Maintenance fees. The obligatory membership fee varies from $45 to $125 per year, depending on the certification level. On top of that, you need to earn Professional Development units, which ICCP estimates would cost around $500-$600/year. At this point, they note that such costs are the reason the majority of ICCP members belong to mid-to-large corporations that fund their employees’ certification and ongoing professional development.
Created in 1982 as an association issuing professional certifications for the IT industry.
Interesting fact. Originally established as the Association of Better Computer Dealers, or ABCD. (Sorry for messing with the brand colors – it’s my retaliation for having this song stuck in my head now). The name was later changed to the Computing Technology Industry Association.
Certification areas. Cybersecurity, Infrastructure, Data and Analytics.
Best known for. Security+.
Requirements and price. All exam-related information is laid out on each of the exam pages in a convenient sheet. The regular exam prices are also displayed there, but the fee may change based on your location. Full list of CompTIA exam prices.
Experience. You don’t have to confirm your experience before applying for CompTIA certifications.
Maintenance fees. Most CompTIA certifications have a $50 annual fee, which has to be paid before submitting your Continuous Education units for that year.
A tech giant founded in 1984 by a married couple of Stanford University computer scientists. They were the ones to introduce the concept of a local area network (LAN) connecting distant computers over a router system.
Interesting fact. In 2009, Cisco tried to venture into making digital cameras. The idea was that people could connect the cameras to the internet and quickly share and publish videos, allowing for easy visual networking. But flip video cameras stood no chance against smartphones, and the branch was soon shut down.
Certification areas. Networking, Automation, CyberOps, Security.
Best known for. CCNP (Cisco Certified Network Professional) and CCIE (Cisco Certified Internetwork Expert). They are experience-based verticals, each containing certifications in different areas.
Requirements and price. Requirements for each certification are clearly laid out, with a list of exams needed to obtain it and links to the optional training courses for each. The price is at the top of each exam page.
Experience. Recommended, but doesn’t have to be proven before applying.
Maintenance fee. Cisco doesn’t have fixed recertification fees. Based on your certification level, during the 3-year recertification period you’ll need to pass another exam (the average price is $300 per exam), or multiple exams, or earn Continuous Education units by completing educational courses and training by Cisco or accredited partners.
The International Information System Security Certification Consortium was established in 1989 with the goal of creating a vendor-neutral certification program that would standardize and bring together the competing agendas of different organizations issuing IT Security certifications.
Interesting fact. The initial consortium was formed during a conference hosted by the National Institute of Standards and Technology (NIST). Nearly every participating group had been issuing its own certification at the time, and they aimed to form a standardized curriculum.
Certification areas. Cybersecurity
Best known for. CISSP (Certified Information Systems Security Professional).
Requirements and price. Requirements are on the certification pages, nested in tabs. Exam prices aren’t there but can be found in a sheet on a dedicated page.
Experience. Depending on the certification, from 2 to 5 years of cumulative paid work experience is required.
Maintenance fees. The Annual Maintenance Fee for Certified Members of (ISC)2 is $125, regardless of the number of certifications you hold. For Associates, the annual fee is $50.
The International Council of E-Commerce Consultants was founded in 2001 in the wake of the 9/11 terrorist attacks. Its mission was to create InfoSec training and certification programs and draw a strong line of defense against similar attacks in the cyber field.
Interesting fact. In 2010, the directive of the US Department of Defense was updated to require its computer network defenders to pass the CEH certification.
Certification areas. Application Security, PenTesting, Ethical Hacking, Network Security.
Best known for. CEH (Certified Ethical Hacker).
Requirements and price. The requirements are laid out on the exam page. There’s a dedicated page with a list of requirements and pricing for every EC-Council certification.
Experience. If you don’t participate in a training program, a minimum of 2 years of work experience is required.
Maintenance fees. $80/year membership fee for certification holders who participate in the EC-Council Continuous Education program. There’s a single membership fee regardless of the number of certifications, with a few exceptions.
Calculating the full recertification cost isn’t a simple math equation but a formula with a few variables. Consider points like:
- What could your next certification be? Are you interested in obtaining more certifications from this provider in the future?
- Does their membership provide some options for earning free or discounted credits?
- What are the other membership benefits?
Obtaining a credential isn’t easy, but it’s a sprint. You get fully ready and focused, push through, and get your prize.
Maintaining is a marathon that requires consistent investments of time, energy, and often money. And it doesn’t give you extra rewards besides preventing your credential from falling into the void. But that’s the point. Maintaining certification is a testament to your resolve, the proof of your staying invested in the related areas.
Remember why you’re getting certified, think ahead, and make a conscious choice.