CompTIA Security+ is the most widely-held certification among cybersecurity professionals.
That fact alone is interesting. But it becomes much more significant when you know that cybersecurity is predicted to be one of the fastest-growing job areas over the remainder of this decade, which means CompTIA Security+ can help you move forward in a field that presents incredible career opportunities right now.
In this article, we’ll explore the cybersecurity job market, what CompTIA Security+ is, and how it fits within a possible career path.
The cybersecurity job market is ripe with opportunities.
The Internet has made an enormous positive impact on the world by opening up new, more efficient ways to communicate, learn, and conduct business.
As it has grown, however, it has also created new opportunities for criminals and malicious state actors to cause harm. Put simply, the more connected we are, the more points of vulnerability to which we are exposed.
In recent years, cyber-attacks are becoming more sophisticated and more destructive. A high-profile ransomware attack in 2021 temporarily caused the shutdown of a gas pipeline, spiking prices and costing the company $4.4 million in a ransom payment.
As companies and government agencies realize the prevalence of attacks and the potential consequences, they are urgently looking for cybersecurity professionals to protect their data and IT infrastructure.
But there’s not enough talent to go around. Based on extensive survey data, the cybersecurity organization (ISC)2 estimates there is currently a global shortage of 3.4 million workers in this field. In the U.S. alone, there are over 750,000 job openings in cybersecurity.
There are various efforts underway to close the gap by training more people, but analysts expect the skills gap to remain for the foreseeable future. That’s partly because demand will likely continue to grow. The Bureau of Labor Statistics predicts employment for Information Security Analysts to increase by 35% between 2021 and 2031, much higher than the average growth rate for all jobs in the U.S.
So what does all of this mean for those thinking about a career in IT security? One aspect is that companies are likely to be more open to hiring candidates who lack the qualifications that would traditionally be required, particularly college degrees.
As Mike Aalto, CEO of security firm HoxHunt, puts it, “Since there will be a major shortfall in terms of applicants with a relevant bachelor’s degree, managers will be looking for people with security certifications or, sometimes, raw candidates with the right combination of skills and mindset for the role.
If you look at job postings, you’ll see evidence that his prediction is correct. We found a recent Cybersecurity Analyst position advertised for a major U.S. company that described the minimum education it was looking for as “the knowledge, skills, and abilities typically acquired through the completion of a bachelor's degree program or equivalent degree in a field of study related to the job.”
In other words, they want a candidate with the right skills and knowledge, no matter how that person acquired them. The job further listed required experience as zero years.
So how does a candidate without a college degree (or even with one) demonstrate to employers that he or she has what it takes to do the job?
This is where the CompTIA Security+ comes in.
What is the CompTIA Security+?
CompTIA Security+ is a certification that indicates an individual has a solid grasp of the foundations of cybersecurity. Like other certifications from CompTIA, the exam to earn it includes both informational questions as well as performance-based elements to ensure that those certified can use their knowledge in real-world situations.
It tests for competence in areas like:
- Types of Attacks and Vulnerabilities: Common ways systems are attacked, including the newest types of vulnerabilities and exploits
Operations: Best practices for organizational procedures for threat prevention, detection, and response
Technical Environment: How cloud networks and other enterprise IT systems are set up and how they affect security
Implementation: Procedures and systems for managing access to networks and computing assets
- Risk and Compliance: Regulations that govern data security and how to manage an organization’s risk
Security+ can play an important role in showing a potential employer that you have key skills in the area of cybersecurity. A large number of job openings in this field request that a candidate possess this certification.
But the CompTIA Security+ certification is just part of what you’ll need to be competitive for job openings in this industry. In the next section, we’ll describe how it fits within the context of a possible career path.
Explore a cybersecurity career path without a college degree
As we saw above, it’s possible to get a job in cybersecurity without a bachelor’s degree, provided you have the right skills and knowledge. The Security+ certification is designed to test for those skills and shows that you are equipped for an entry-level cybersecurity role.
But the Security+ certification doesn’t stand on its own. CompTIA intends for it to build on a foundation of broader knowledge about IT. If you follow CompTIA’s recommended pathway of developing your expertise in this area, your journey would look like this:
- Earn the CompTIA A+ Certification.
This is an industry-standard certification that tests your knowledge in all the fundamental areas of IT. This knowledge is crucial as a starting point for growth into more advanced areas.
- Get some experience.
It’s important to solidify what you learn by putting it into practice in a work environment. You’ll become confident in the basics and start to build a broader experience in IT that will give you the needed context for the next stage of learning. CompTIA recommends 9–12 months at this stage before moving forward.
- Earn the CompTIA Network+ Certification.
Networking is an essential part of the modern computing environment. This certification makes sure you thoroughly understand this key area, including network security.
- Build experience in security.
Many entry-level IT roles have a security component. At this stage in your career, you would look for ways to focus on this area as you continue to develop your expertise. CompTIA recommends at least two years of work at this level.
- Earn the CompTIA Security+.
Now you should be ready to prove what you know by taking the Security+ exam. After earning the certification, you’ll be ready to pursue an entry-level cybersecurity position.
As you can see, this pathway is about three years from start to finish, depending upon how long it takes you to be ready to earn that first certification.
That might sound like a long time, but remember that you’ll be earning a decent salary during this whole period. Compare that to a college degree that will take you four years and cost you a significant amount of money.
By the way, your career doesn’t have to stop at earning your Security+. As you continue to gain experience and grow in your role, you can earn further certifications from CompTIA, like their Cybersecurity Analyst (CySA+), Advanced Security Practitioner (CASP+), and PenTest+. These will help you reach more senior positions in the field.
Begin your journey.
If you’re excited about getting started on a career in cybersecurity, where do you go from here?
As we saw above, the first step CompTIA recommends is to earn their A+ certification. This will help you get started in IT with an entry-level position where you can build your experience and work toward your eventual goal of specializing in cybersecurity.
Before taking the exam, however, you’ll need to be prepared. There are various ways to do this, but we think one of the best is to take a course that is specifically designed to teach you what you need to know to be successful on the test. CompTIA has those resources to help get you ready to take your exam.