Security
Reader small image

You're reading from  Cybersecurity Architect's Handbook

Product typeBook
Published inMar 2024
PublisherPackt
ISBN-139781803235844
Edition1st Edition
Concepts
Cybersecurity
Right arrow
Author (1)
Lester Nichols
Lester Nichols
author image
Lester Nichols

Lester E. Nichols III currently resides in North Texas and is the Director Security Architecture/VP Cybersecurity Operations at JPMorgan Chase & Co. Previous experience includes the Director of IT Infrastructure and Security for a development company, SOC oversight manager/Senior Infrastructure Officer within DHS and previous experience in Local/Federal/DoD/financial sectors. Lester has post graduate education with a Master's of Science Degree in Information Assurance from Norwich University, the oldest private military school in the United States, and multiple industry certifications including CISSP and SANS certs, as well as others. Lester is also a contributing author to the Computer Security Handbook 5th-6th Editions by Wiley Press.
Read more about Lester Nichols

Right arrow

The Certification Dilemma

“Foreknowledge cannot be gotten from ghosts and spirits, cannot be had by analogy, cannot be found out by calculation. It must be obtained from people, people who know the conditions of the enemy.”

– Sun Tzu

“Thus we may know that there are five essentials for victory: (1) He will win who knows when to fight and when not to fight; (2) he will win who knows how to handle both superior and inferior forces; (3) he will win whose army is animated by the same spirit throughout all its ranks; (4) he will win who, prepared himself, waits to take the enemy unprepared; (5) he will win who has military capacity and is not interfered with by the sovereign.”

– Sun Tzu

The previous chapter provided a comprehensive roadmap for advancing through the cybersecurity field, from entry-level positions to the esteemed cybersecurity architect role.

It stressed that while foundational security concepts seem basic initially...

Certifications landscape

Certifications have become ubiquitous across the cybersecurity industry, with hundreds of options at varying levels catering to diverse specialties. For those aspiring to become cybersecurity architects, navigating this crowded certification landscape requires a strategic approach.

While mandatory credentialing requirements are still relatively rare for cybersecurity architecture roles, obtaining respected certifications can provide several advantages. The right certifications validate a mastery of foundational knowledge needed for cybersecurity architect solutions. They demonstrate commitment to continuous learning and signal technical capabilities to employers.

However, certifications should complement rather than replace hands-on experience. Cybersecurity architects rely heavily on real-world expertise to craft innovative designs tailored to their organization’s environment and objectives. The most impactful cybersecurity architects back paper...

Why get certified?

As you can see from the previous section, the certification landscape can be daunting, and the list of certifications referenced and highlighted only scratches the surface of what is potentially an option. As a hiring manager for several companies and agencies, while I have hired personnel with certifications, there have been times that I chose someone without. At times, it was experience or capabilities that trumped the certifications.

Certifications can provide valuable benefits but should not be the sole focus for cybersecurity architects and aspiring professionals. Here are some key points on the merits and limitations of certifications.

The benefits of certifications are as follows:

  • Validation of knowledge: Certifications test and validate comprehension of key concepts, tools, and best practices. They provide foreknowledge, as Sun Tzu emphasized.
  • Career advancement: Certifications can improve prospects for promotions, leadership roles, and...

Certification considerations

Certification considerations can vary substantially for cybersecurity architects across different industries, government entities, and individual career goals. It’s important to carefully evaluate potential certifications based on your specific circumstances. Here are some examples to illustrate the factors that can influence certification decisions.

Industry variations

When evaluating which certifications to pursue, cybersecurity architects must carefully consider variations across industries. Different business sectors often have specific certification needs and preferences based on their operating environments and requirements:

  • In cloud computing: AWS certifications such as Cloud Security – Specialty and Azure certifications such as Security Engineer Associate are highly sought after. These validate expertise in proprietary cloud security tools.
  • In banking/finance: Certifications such as CISA, CISM, and CISSP that cover...

Summary

In this chapter, we learned that certifications can serve as valuable milestones for cybersecurity professionals when approached strategically. They validate knowledge and signal expertise, but real-world experience remains irreplaceable. Certification value depends on prudent selection aligned with industry, government, and personal career factors. Costs should be weighed against potential benefits.

While certifications have limitations and should not be the sole focus, they can augment practical skills when used judiciously. Renewal requirements promote continuous learning about evolving threats. With the right expectations, certifications provide useful guideposts, not destinations themselves, on the journey to becoming an accomplished cybersecurity architect.

The most effective architects view certifications as knowledge springboards to launch their hands-on expertise. They understand one size does not fit all roles or careers. Savvy professionals evaluate certifications...

lock icon
The rest of the chapter is locked
Previous Chapter
Chapter 11 of 20
Next Chapter
You have been reading a chapter from
Cybersecurity Architect's Handbook
Published in: Mar 2024Publisher: PacktISBN-13: 9781803235844
© 2024 Packt Publishing Limited All Rights Reserved
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Sign up now
undefined
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Start free trial
Renews at AU $19.99/month. Cancel anytime

Author (1)

author image
Lester Nichols

Lester E. Nichols III currently resides in North Texas and is the Director Security Architecture/VP Cybersecurity Operations at JPMorgan Chase & Co. Previous experience includes the Director of IT Infrastructure and Security for a development company, SOC oversight manager/Senior Infrastructure Officer within DHS and previous experience in Local/Federal/DoD/financial sectors. Lester has post graduate education with a Master's of Science Degree in Information Assurance from Norwich University, the oldest private military school in the United States, and multiple industry certifications including CISSP and SANS certs, as well as others. Lester is also a contributing author to the Computer Security Handbook 5th-6th Editions by Wiley Press.
Read more about Lester Nichols

Personalised recommendations for you

Based on your interests and search pattern

Attacking and Exploiting Modern Web Applications

Attacking and Exploiting Modern Web Applications

Attacking and Exploiting Modern Web Attacks will help you understand how to identify attack surfaces and detect vulnerabilities. This book takes a hands-on approach to implementation and associated methodologies and equips you with the knowledge and skills needed to effectively combat web attacks.

BookAug 2023338 pages
Automotive Cybersecurity Engineering Handbook

Automotive Cybersecurity Engineering Handbook

This Automotive Cybersecurity Engineering Handbook untangles the complexities of building secure automotive products and helps you to comply with cybersecurity standards. It provides practical tools, tips, and techniques coupled with real-world examples to enable you to create cyber-resilient automotive products with ease.

BookOct 2023392 pages
Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide

Official Google Cloud Certified Professional Cloud Security Engineer Exam Guide

This book will help you to design, develop, and operate security controls on Google Cloud as well as discover best practices for relevant security domains, including identity and access management, network, and data.

BookAug 2023496 pages
Cloud Penetration Testing for Red Teamers

Cloud Penetration Testing for Red Teamers

The advent of cloud networks and the AWS, Azure, and GCP platforms has revolutionized how companies of all sizes in all industries do business online. This book will help you meet the emerging demand for pentesting as it guides you through the tools, techniques, and security measures used by pentesters and red teamers in the 2020s and beyond.

BookNov 2023298 pages
ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide

ISACA Certified in Risk and Information Systems Control (CRISC®) Exam Guide

ISACA Certified in Risk and Information Systems Control (CRISC®) Certification Guide is an enterprise IT risk management professional’s dream. With its in-depth approach and various self-assessment exercises, this book arms you with knowledge of every single aspect of the certification, and is a fantastic career companion after you’re certified.

BookSep 2023316 pages5
Burp Suite Cookbook

Burp Suite Cookbook

Burp Suite is an immensely powerful and popular tool for web application security testing. This book provides a collection of recipes that address vulnerabilities in web applications and APIs. It offers guidance on how to configure Burp Suite, make the most of its tools, and explore into its extensions.

BookOct 2023450 pages
Building and Automating Penetration Testing Labs in the Cloud

Building and Automating Penetration Testing Labs in the Cloud

This hands-on guide will help you design and build a variety of penetration testing labs that mimic modern cloud environments running on AWS, Azure, and GCP. In addition to these, you will explore a number of practical strategies on how to manage the complexity, cost, and security risks involved when setting up vulnerable cloud lab environments.

BookOct 2023562 pages
Ethical Hacking Workshop

Ethical Hacking Workshop

As cyber-attacks grow and APT groups advance their skillset, you need to be able to protect your enterprise against cyber-attacks. In order to limit your attack surface, you need to ensure that you leverage the same skills and tools that an adversary may use to hack your environment and discover the security gaps. This book will teach you how to think like a hacker, use state-of-the-art hacking tools, and protect yourself and your organizaiton.

BookOct 2023220 pages
Windows Forensics Analyst Field Guide

Windows Forensics Analyst Field Guide

This book contains step-by-step processes to guide you in any investigation related to Windows OS. You’ll find out how to acquire evidence using multiple tools as well as examine and analyze the collected artifacts, while discovering multiple techniques used in real-world forensic incidents.

BookOct 2023318 pages
Implementing DevSecOps Practices

Implementing DevSecOps Practices

This book is a comprehensive, hands-on guide for individuals new to DevSecOps who want to implement DevSecOps practices successfully and efficiently. With its help, you’ll be able to shift security toward the left, enabling you to merge security into coding in no time.

BookDec 2023258 pages