Cybersecurity Certificates, Certifications and Degrees: How to Choose

by Debra B. McCraw | Oct 19, 2018

Three question marks drawn on a chalkboardYou’ve decided you want to get into cybersecurity, and now it’s time to get the credentials that will help you start your cybersecurity career. But what is the difference between a cybersecurity certificate, a certification and a degree, and how do you know which is right for you? Keep reading to get the information you need to make a decision and get started.

Cybersecurity Certificate vs. Certification vs. Degree

Cybersecurity Certificates

A cybersecurity certificate is generally tied to an educational program and represents the completion of coursework. Cybersecurity certificate programs are offered at both the undergraduate and graduate level and can take anywhere from a few weeks to a few years to complete.

The requirements to earn a cybersecurity certificate vary widely from program to program. Some require the completion of multiple courses, but some only require one. And some require you to earn a minimum grade to receive your certificate. Some certificate programs also include a capstone project that may be evaluated and/or graded by peers or an instructor.

Although employers typically don’t request certificates in job postings, they can benefit IT pros in other ways. Many working professionals get a certificate rather than a degree to fuel a promotion in their current jobs, and the college credits earned from a certificate program can sometimes be applied toward a degree. The course of study may also cover the skills needed to earn a cybersecurity certification. Once you earn a certificate, you have it for life – there are no continuing education requirements.

Many undergraduate cybersecurity certificates cover the basics of cybersecurity, whereas graduate-level cybersecurity certificates delve into specialized topics like engineering, cybersecurity law or health care security.

The Details

  • Time: Varies from several weeks to several years
  • Cost: Tuition and books for 12 to 18 credit hours
  • Value to Employers: Generally not listed in job postings but may help in getting promoted

Cybersecurity Certifications

Whereas cybersecurity certificates come with the completion of coursework, a cybersecurity certification may be earned without taking any classes. (Although we don’t recommend trying to get certified without preparing!) Cybersecurity certifications assess the knowledge, skills and abilities that IT professionals have already mastered and reflect what’s going on in the field today.

Because of this, IT certifications are issued by independent organizations, such as trade or industry associations, that work closely with professionals in the field. To earn a cybersecurity certification, you must first pass an exam (or multiple exams) and then earn continuing education units (CEUs) to keep your certification active. This shows that your skills and knowledge match those demanded by today’s jobs.

Some of the most popular cybersecurity certifications come from organizations like CompTIA, (ISC)2, ISACA, GIAC and Cisco.

Fast track your career. Click here to subscribe today and save 10 percent on CompTIA products.

The CompTIA Cybersecurity Career Pathway includes performance certifications for all levels of cybersecurity professionals. Performance certifications validate the hands-on skills needed to perform today’s in-demand cybersecurity jobs.

The Details

  • Time: A certification exam takes just a few hours, but preparing could take months
  • Cost: Between $300 and $500 for CompTIA cybersecurity certification vouchers plus the cost of study materials and/or classes
  • Value to Employers: Nearly 450,000 U.S. cybersecurity job postings required IT certifications (October 2017 through September 2018, Burning Glass Labor Insights)

Cybersecurity Degrees

Colleges and universities offer both undergraduate and graduate degrees in cybersecurity, typically as a sub-discipline of computer science. While many cybersecurity jobs require a degree, that doesn’t necessarily mean they require a cybersecurity degree. Many cybersecurity professionals hold bachelor’s degrees in other fields – some technical and some not.

Cybersecurity is not necessarily an entry-level field, and some say that getting a bachelor’s degree in cybersecurity is putting the cart before the horse – it’s better to gain general IT and/or computer science knowledge and experience before specializing in cybersecurity. And we’ve even said that you need to know how IT infrastructure works before you can secure it. However, getting a graduate degree in cybersecurity after you’ve been working in IT may give you the skills you need to advance in your career and obtain leadership positions.

The Details

  • Time: 2 to 4 years
  • Cost: As much as $60,000 for a bachelor’s degree and $70,000 for a graduate degree, according to U.S. News and World Reports.
  • Value to Employers: 82 percent of cybersecurity job postings required a bachelor’s degree, and 4 percent required a graduate degree; only 2 percent specified cybersecurity (October 2017 through September 2018, Burning Glass Labor Insights)

Should I Get a Cybersecurity Certificate, Certification or Degree?

When deciding whether to get a cybersecurity certificate, certification or degree, consider the following:

  • Experience: How much IT experience do you already have? If you have no experience, undergraduate certificates and certifications may be the way to go. Whether you’re taking college courses or certification training boot camps or you're studying on your own, you’ll gain the fundamental skills you need to succeed in cybersecurity.
  • Time: How quickly do you need to gain cybersecurity skills and credentials? A certification will be your quickest route; however, if you are new to IT or to cybersecurity, you’ll want to spend time learning and practicing before jumping right into a certification exam. You may also need to take a few steps back and start with more general IT certifications before getting a cybersecurity certification. All CompTIA certification webpages list the recommended experience levels under Exam Details so you can find the one that’s right for you. Read more to see which certification is right for you.
  • Job Requirements: Are you looking to meet the requirements of a job, or are you just looking to increase your knowledge? Employers value certifications and degrees more than certificates.
  • Cost: How much can you afford to spend? If you’re paying for this out of pocket, a certification will be your least expensive option.

The Bottom Line on Cybersecurity Credentials

Cybersecurity certificates, certifications and degrees all have their place in the field, and which one is right for you will depend on many factors. Identifying the job you want, understanding the job requirements, researching what options you have and learning the steps to earning the credential will help you make the choice that’s right for you.

Want to know more about cybersecurity certifications? Learn more about the CompTIA Cybersecurity Career Pathway.

8 Comments

  • Anonymous

    Friday, October 26, 2018

    Thanks for the nice comparison. As a HIGHLY experienced and credentialed cyber security analyst and architect, I can say without a doubt the biggest barrier to getting a position in a company large enough to provide an above-average compensation package, is not having a degree. I have worked over 10 years for a very large services company, contracted to and onsite at a very large manufacturing company, and neither of them consider me "qualified" for my current position if I tried to hire in off the street. Solely because of no check in the degree box. In spite of the fact that if I had earned a degree at the beginning of my professional life, some 30+ years ago, the significant majority of the knowledge gained at that time would NOT be very pertinent or useful today. But the degree check-mark lives forever apparently, without regard to applicability. Extremely discouraging, and pretty much eliminates upward job mobility for those of us in this category. And I agree wholeheartedly about your observation regarding general IT knowledge being a pre-requisite. Having a broad and thorough general IT background provides a fundamental foundation for the security specialty. If all you've learned is "security" in college, but don't know what telnet and ftp are, and why they are a risk, then you're not ready for a security role yet... (I know, they are really old, but they are still in use today, unfortunately)

  • Friday, October 26, 2018

    Thanks for your comment! You are right that there are times when you need a degree to check the box. The plus side of this is that you may not need an IT/cybersecurity degree. Many people move up the ranks in IT with degrees in liberal arts, mathematics and other non-IT degrees. You can also get entry-level IT jobs without a degree and go back to school later. In some cases, your employer may even reimburse you for tuition and other college expenses.

  • Bharath R A

    Saturday, October 27, 2018

    Hi, thanks for this input, nicely compared. I am a thorough Sales & Marketing pro for the past 25 years (I am 42) and no degree as well. Very much interested in getting into cybersecurity space out of sheer interest and also seeing the potential this field has got in the near future. What do you suggest? It need not be a job, it also can be doing something on my own. What are the options available to start up something on my own? Can I sell some products of big cybersecurity companies or can I have a team of cybersecurity specialists to develop products for bigger companies? Can you help me with understanding? I am starting my first certificate course on cybersecurity from this Sunday - 8-week program.

  • Monday, October 29, 2018

    Hi, Bharath! Thanks for your comment. There are lots of opportunities in cybersecurity that range from hands-on analysis to sales. Here's an article we did that outlines some of the most popular cybersecurity jobs and how to get them: https://certification.comptia.org/it-career-news/post/view/2018/10/01/cybersecurity-jobs-everything-you-ever-wanted-to-know Good luck!

  • Anonymous

    Tuesday, October 30, 2018

    Thanks for the nice comparison. As a HIGHLY experienced and credentialed cyber security analyst and architect, I can say without a doubt the biggest barrier to getting a position in a company large enough to provide an above-average compensation package, is not having a degree. I have worked over 10 years for a very large services company, contracted to and onsite at a very large manufacturing company, and neither of them consider me "qualified" for my current position if I tried to hire in off the street. Solely because of no check in the degree box. In spite of the fact that if I had earned a degree at the beginning of my professional life, some 30+ years ago, the significant majority of the knowledge gained at that time would NOT be very pertinent or useful today. But the degree check-mark lives forever apparently, without regard to applicability. Extremely discouraging, and pretty much eliminates upward job mobility for those of us in this category. And I agree wholeheartedly about your observation regarding general IT knowledge being a pre-requisite. Having a broad and thorough general IT background provides a fundamental foundation for the security specialty. If all you've learned is "security" in college, but don't know what telnet and ftp are, and why they are a risk, then you're not ready for a security role yet... (I know, they are really old, but they are still in use today, unfortunately)

  • John

    Monday, January 21, 2019

    Hey all, would like to know if a certificate is a better route than a masters at my career point. I've got 7 years of total experience in the business world (business undergrad) with 2 of them supporting the cyber threat intel team (I do mostly contracts, research for companies, etc for them). I'm not looking to be a technical leader but more management level with basic technical understanding. Some of the masters are so expensive and I'm not sure they provide enough value to warrant cost at my career point (no guarantee to get a promotion or more money from this). Would love some more thought here...

  • Ed

    Tuesday, January 22, 2019

    Agree on the degree. As a working adult, it took me about 7 yes to complete my Bachelor, my AS came right behind it because it was low hanging fruit...I'm working on MBA now...I have 17 yrs experience in IT...a certification only establishes I have fundamental Cyber security understanding...it does not make me a hacker or qualified to defend on the spot....it only means I passed a really hard test and understand the fundamentals...a foundation to continue to build upon and an "insurance policy" for the corporation I work for in case they get hacked on my watch....they save a little bit of face being able to show due diligence that I held certifications in the field vs hiring someone off the street who claimed to have experience. In the in the end, a degree PLUS Certifications makes for a more well rounded associate to invest in and warrant those 6 Figure salaries that come with it...even though I have met many proficient people with higher apptitude and capabilities than I in the same field... without a degree.

  • Wednesday, January 23, 2019

    Hi, John! Thanks for your question. It sounds to me like a certificate or certification might be a good option for you, given the degrees and experience you already have. They will help you get the foundational knowledge you might need to lead a team. The best way to answer this is to start researching job postings that interest you and see what they require. Having business leadership experience can go a long way if you're looking to manage a team vs doing the hands-on work. Good luck!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story