The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

Six Big Cybersecurity Certification Changes for 2018

Four New Stackable Certifications Encourage Cybersecurity Career Development


Snap together blocksRounding out CompTIA’s busy year on the cybersecurity front was their Dec. 20 launch of stackable cybersecurity certifications. These are credentials that candidates earn when they achieve a series of other CompTIA certifications. They’re designed to encourage candidates to continue to advance along a career path and, of course, to continue to pursue CompTIA certifications along the way.


Many IT professionals learned of this program when they received an email from CompTIA informing them that they automatically earned a stackable certification based upon their existing credentials. The new stackable certifications include:


CompTIA Secure Infrastructure Specialist is awarded to candidates who earn the A+, Network+, and Security+ credentials.
CompTIA Secure Cloud Professional requires earning the Security+ and Cloud+ certifications.
CompTIA Security Analytics Professional certification goes to those who earn both the Security+ and CSA+ certifications.
CompTIA Security Analytics Expert requires the Security+, CSA+ and CompTIA Advanced Security Practitioner (CASP+) certifications.


Expect to see these pathways continue to develop as CompTIA releases the CPT+ credential and other certifications. It’s also likely that these stackable certifications will drive renewed interest in CompTIA certification programs and increase the number of IT professionals adding the Security+, CSA+, and CASP+ credentials to their resumes.


CISSP Moves to Adaptive Testing


CompTIA is making the biggest waves in cybersecurity certification this year with the launch of six new certifications, but they’re not the only ones making changes. This year’s big news out of (ISC)² is the launch of adaptive testing for the Certified Information Systems Security Professional (CISSP) exam.


The new CISSP testing technology rolled out quietly in December and is now the only option for English test-takers. Candidates will find themselves taking a shorter exam, maxing out at three hours, that becomes increasingly difficult as candidates answer questions correctly


This isn’t the only change in store for the CISSP exam. (ISC)² also made revisions to the eight CISSP domains to keep the material current and will be revising the exam to cover the modifications in April.


(ISC)² To Push SSCP Certification


The Systems Security Certified Practitioner (SSCP) credential isn’t new by a long shot. The (ISC)² entry-level certification program has lived in the shadows of the CISSP credential for years, but word on the street is that is about to change.


During the recent (ISC)² Security Congress in Austin, several industry insiders remarked that they expected to see a renewed push to position the SSCP as a premier entry-level certification and develop the SSCP market over the coming year. We haven’t seen this push begin yet, but keep your eyes open for developments.


While these new developments will certainly change the landscape of cybersecurity certification programs, those seeking to enter the field and enhance their skills shouldn’t forget the time-tested basics. CompTIA’s Security+ certification remains the most popular entry-level certification and is in the process of completing a transition to the new SY0-501 exam this spring, with the retirement of the SY0-401 exam at the end of July.


It’s still a fantastic starting point for those seeking their first position in cybersecurity who aren’t ready to move onto one of the more advanced or specialized certification programs.



Mike Chapple is Senior Director for IT Service Delivery at the University of Notre Dame. Mike is CISSP certified and holds bachelor’s and doctoral degrees in computer science and engineering from Notre Dame, with a master’s degree in computer science from the University of Idaho and an MBA from Auburn University.