One of the fastest-growing areas of the enterprise is cybersecurity. Every year, more attacks are carried out, meaning more of the IT budget is allocated to bolstering security, ultimately leading to the need to hire more cybersecurity experts to protect your organisation.
A total of $1.9 billion was spent on cybersecurity throughout Southeast Asia in 2017 and research suggests that number is set to experience double-digit percentage growth by the year 2025. Singapore alone spent 0.22% of GDP last year on cybersecurity, well above the global average.
Unfortunately, this increased need for cybersecurity isn’t without its challenges. Globally, the security industry is one of the worst affected when it comes to the skills deficit, with Cybersecurity Ventures predicting a global shortfall of 3.5 million cybersecurity jobs by 2021.
Southeast Asia is not immune to this trend. In Malaysia, just over half of the cybersecurity jobs needed by 2020 have been filled and Singapore and the Philippines have both announced national plans to boost cybersecurity talent in their respective countries.
With 82% of IT and cybersecurity professionals claiming they don’t have the right amount of necessary talent within their organisation, many are now resorting to in-house training to bring their employees up to scratch.
Certifications are often the best way to ensure the people you work with have the right knowledge and skills to excel in their job. Malaysia has even set up its own certification body which operates under the 'Cybersecurity Malaysia Information Security Management System Audit and Certification (CSM27001) Scheme'.
It provides recommendations based on the National Institute of Standards and Technology (NIST) framework and has developed a stringent process for local vendors that includes a comprehensive evaluation of all qualifications.
So, whether you’re hiring a new employee or looking to improve your own career prospects, here is a list of some of the best IT security certifications currently on offer.
CompTIA Security+
Cost: $269 (£207)
Requirements: A minimum of two years' experience in IT and network security
CompTIA’s Security+ is often considered to be a core, entry-level certification that can act as a springboard for IT professionals looking to pursue intermediate-level cybersecurity jobs.
The certification combines hands-on troubleshooting with practical problem-solving skills to ensure those who pass the certification can both identify and address security incidents.
NIST Cybersecurity Framework (NCSF), both Foundation and Practitioner
Cost: $995 (£767) for Foundational, $3,295 (£2,539) for Practitioner
Requirements: The Foundational course has no prerequisites; however, you must hold a valid NIST Cybersecurity Foundation Certification or have equivalent knowledge to complete the Practitioner.
The Foundation level NCSF course introduces applicants to the NIST Cybersecurity Framework, outlines current cybersecurity challenges and explains how organisations that implement an NCSF programme can mitigate these roadblocks.
The Practitioner level course provides students with the skills and abilities to design, build, test, manage and improve a cybersecurity program based on the NIST Cybersecurity Framework.
Certified Ethical Hacker (CEH)
Cost: $500 (£385)
Requirements: Attend a five-day EC-Council-approved training course or have at least two years' information security experience.
Considered to be one of the most desirable information security training programmes currently on offer, it provides students with all the necessary skills to assess the weaknesses and vulnerabilities of IT systems and infrastructures.
This certification is a must-have for anyone looking to pursue a career in penetration testing or ethical hacking.
Certified Information Security Manager (CISM)
Cost: $760 (£595)
Requirements: Five years in cybersecurity and three years in security management
This certification is a high-level credential undertaken by those looking to work in the security or risk management sector.
This qualification teaches a whole host of practical security management skills that are crucial for any information security professional.
Certified Information Systems Security Professional (CISSP)
Cost: One six-hour exam at $699 (£547) plus four additional concentration exams at $599 (£469) each.
Requirements: At least 5 years of recent full-time professional work experience in 2 or more of the 8 domains of the CISSP common body of knowledge.
Another high-level certification, CISSP is a qualification undertaken by those working in network security.
Provided by the International Information Systems Security Certification Consortium, it equips students with a comprehensive understanding of the common body of knowledge domains: asset security, engineering and access management – to name a few.
Certified Protection Professional (CPP)
Cost: $450 (£347)
Requirements: Nine years of security experience, including at least three years in which responsibility for a security function was held.
Described as the ‘gold standard’ of cybersecurity certifications, this high-level qualification is often looked for by organisations wanting to hire a CISO.
It requires security management professionals to demonstrate their knowledge of seven key security domains that have been identified by CPPs as the major areas involved in security management.