In this video, Marc Menninger reveals why you should get IT security certifications and debunks common misconceptions about them. Discover four tips to help you study for and pass your certification exams. Learn about the hidden costs that come with certifications and why your employer should want to pay for them.
- [Instructor] Achieving an IT security certification is no easy task. To begin, it's important to understand why you're getting a certification because there are many misconceptions about the purposes of getting certified. Certifications are meant to validate your knowledge of a certain security area. Some people though, think the purpose of certifications is to help them break into the security field even without the appropriate amount of experience. They'll see a job which requires a certain certification and they think by getting the certification, it will help them get the job.
But a certification should be obtained only after you get the experience, not before. This is especially true for the advanced and expert certifications like the CISA, CISM, and CISSP. Getting the needed years of experience will help you prepare for these certifications more than simply studying for them would. In other words, studying alone can't replace real world experience. Having said that, studying is still very important. It would be foolish to take an exam without studying for it first.
As you get started, give yourself plenty of time to study based on the type of exam. Some exams like the CISSP cover a much broader body of knowledge than other exams. Make sure to give yourself plenty of time to learn the necessary information. Don't make the mistake of trying to cram at the last minute or you'll reduce your chances of passing. Second, study every day. Even studying half an hour every day is better than trying to study for several hours once a week.
Consistent studying will help you maintain the habit, as well as absorb and retain the knowledge better, especially since you'll have the time to repeatedly study key concepts. Third, try to incorporate many forms of studying into your routine. Some people think reading only one study guide is sufficient but, most guides aren't comprehensive enough. Be prepared to study from many sources including books, study guides, articles, and websites. Some resources include live sessions with an expert, video lectures, flashcards, practice tests, and online study groups.
Various forms of studying not only help you learn all the material for the exam, they make studying a bit more interesting and less monotonous. My final study tip is to schedule and pay for your exam at least six months in advance. Paying for an exam is often non-refundable, so once you've paid, you're committed. Now you'll have a real deadline that should help compel you to get serious about studying. On that note, let's talk a little about paying for an exam.
IT security certifications often come with hidden costs. In addition to the exam fee itself, which is usually hundreds of dollars, you can expect to also pay an application fee, training costs, like books and courses, and annual renewal fee. These costs can add up to a lot of money. Check with your employer to find out if they'll cover some or all these costs. In many cases they will, the best employers want their staff to get certified. If they don't, it's possible that these costs will be tax deductible.
Check with your accountant or tax advisor to be sure. In any case, because of how it can improve your career, the cost and effort of getting and maintaining an IT security certification should be well worth it.
Marc closes with a few pieces of career advice specific to the world of information security, which will help you succeed in this dynamic and high-demand industry.
- IT security key concepts
- Understanding the job marketplace (government vs. healthcare, etc.)
- IT security success traits
- Career specializations
- IT security certifications
- Getting experience
- Marketing yourself