Making the Most of Security Certifications
Certifications have been de rigueur in IT for decades, with both general and specialized ones for all manner of systems administration. Rare is the technology pro who doesn’t hold some combination of industry- and vendor-driven certifications in disciplines such as networking and systems architecture.
By comparison, the growing list of specialty security certifications is fairly young. With the exception of the 25-year-old Certified Information Systems Security Professional (CISSP) certification, most of the popular security-specific certs today are less than a decade old.
In enterprise environments, debate rages over the true value of certifications such as CompTIA’s Security+, SANS’ Global Information Assurance Certification Security Essentials (GSEC) or EC-Council’s Certified Ethical Hacker (CEH). Some organizations view them as vital for security team members, while others dismiss them as an academic expression of skills that demand practical experience and capability.
In the channel, however, the question is less about how certifications are viewed by others in the security industry and more about how they reflect a partner’s trustworthiness, capabilities, and commitment to an audience of non-technical clients and prospects. In this regard, certifications have tremendous value to security practitioners looking to rise above the pack in a popular technology services space crowded with competitors of wildly varying skill levels.
When going to market, hard-earned security certifications in hand, consider what these certs say about your business and can do for your sales.
Certifications foster the trust factor.
The relationship with a security services provider is, first and foremost, a matter of trust. A client or prospect needs to have complete faith that the partner is willing and capable of protecting the assets they hold most dear. A security certification is like a lighted placard that declares, “Security is our mission.” It’s a valuable tool to help set your practice apart from the legion of generalists dabbling in infosec.