Are Certifications Worth it?
I wil be sharing my personal experiences on the industry cybersecurity certifications that I’ve taken so far and discuss its worth.
Intro and common questions
“Do I need these certifications? If so, how do I start”
One of the most common questions for newcomers is always about how they should start and/or what is the best way to get into the field. Eventually, the topic of certifications will come up and some might ask, “What’s the best certifications for Cybersecurity?”. Well… there’s really no best certifications but there are some that are highly regard for entry level postions. I recommend starting with the basic CompTIA Trifecta certifications which include: A+, Network+, and Security+. But depending on the job that you’re looking into, only Network+ or Security might be suffice. A+ is somewhat of a meme cert so I would really only focus on Network+ and Security+. But what’s the purpose for these certifications? Do we really need them? The main purpose is to validate expertise and test specific competence in the field of Information Security. The other reason is to simply get by the HR filter.
Experiences > Educations/Certifications. Work on your fundamentals and learn as much as possible via the process of studying for these certs. Many of these certifications are mile wide and inch deep in their tested knowledge but if you’re starting out, that’s ok. You might not know what you’re trying to do in this field yet. The field is very broad and there’s a ton of specializations to focus on later that fits your style. Some of these are Cloud Security, Red Team, Blue Team, Reverse Engineer, and more.
So would I recommend getting certifications? I do but to a certain extend… and don’t take them just for the sake of getting a certifications; learn as much as you can and continue to improving your knowledge in the field! Below, I will talk more on certifications and the process that I went through to study for the exams.
Are certifications even worth it? Is it all a scam?
Certifications are very much worth it if you’re getting it to learn and validate your knowledge in that respective cert. Some certifications hold more value compared to others, like OSCP for example. OSCP has been the standard for many entry level Red Team or Pentesting positions. If a certifications is a requirement for a job that you’re looking into, then I believe it could be worth it. Especially if it leads to you getting that job. Now, trying to collect as much certifications as possible as if they were a Pokemon is definitely not worth the time and money. You would be better off utilizing that time to work on something else that is practical to what you want to do.
So.. are certifications a scam? Somewhat, only get them if it helps your career but also being able to learn something out of it. Otherwise, I would use that time and money to do hands-on projects like Linux from Scratch, Python Programming, and many others.