The True Value of Cybersecurity Certifications

00:06

I realized that I am now in my 30th year

00:09

in it this year which really sounds

00:14

incredibly that's great which makes me

00:17

feel very old though um but one thing

00:19

that I've really been uh a you know big

00:23

uh supporter of is certifications M um

00:27

from the beginning I've

00:30

when I was even in Northwest Territories

00:31

I took some sand certifications when I

00:34

moved to Alberta I I looked at what the

00:38

base level I considered and I don't want

00:40

to say entry level as base level but I

00:42

mean the next step up uh what those are

00:45

for certifications and to me it was the

00:47

cissp and and the S gack things this

00:50

nature now I haven't done a lot of what

00:53

I call the industry level big search of

00:55

a while but I've been watching you over

00:58

the last three or four years and you're

00:59

just nailing them off and I was actually

01:02

looking at a list of the top 10 search

01:04

and you have six of them okay you have

01:07

your CP which is pretty much a a if you

01:09

want to get into security nowadays and

01:12

again I don't mean that it's entry I

01:13

mean any um not entry level but that

01:17

Baseline it's that Baseline layer

01:19

because I do believe and there's always

01:21

these talks on on LinkedIn that you

01:23

can't ask for an entry-level position

01:25

having a CSP which I agree with so

01:27

there's that there is the cisa

01:30

isaka CIS cism another isaka

01:34

certifications uh there's a isaka crisk

01:37

yes that you have um there's the

01:41

certified ethical hacker which you have

01:44

and then what's the cloud certification

01:46

you have the ccsp which is the also from

01:48

the IC Square okay yeah so you have six

01:51

of what is considered the top 10

01:53

certifications out there now so I was

01:57

going to I I do like to ask people what

01:59

what they take on certification is being

02:01

that you have six of the top 10 I'm

02:02

going to say you probably think

02:03

certifications are valuable but why did

02:06

you pursue the certifications 100% so uh

02:11

do I think it's kind of like important

02:13

or valuable yes I do uh for many reasons

02:16

one is

02:18

um it's help you validate your skills

02:21

and help you validate your knowledge

02:23

right so we are all in the industry

02:25

probably having that imposter syndrome

02:28

in terms of like um am I really um well

02:33

educated or kind of like have the

02:35

necessary skills or knowledge in certain

02:37

areas and certificates or credentials

02:40

they help you to validate that right if

02:42

you are doing it the right way so if you

02:44

are trying okay that's a key term there

02:46

so let's yeah so what define the right

02:48

way so the right way is basically you

02:50

don't just go and study for the practice

02:53

exam or kind of like some questions and

02:55

you

02:56

say exactly no you need you need really

02:59

to to respect the certificates respect

03:02

their credential and respect that many

03:05

people spend a lot of time to build that

03:07

certificates build the thought process

03:09

behind it right and read the book uh

03:12

check out resources learn from the

03:15

perspective of different people and then

03:17

definitely you need to do uh the

03:20

questions the questions help you to

03:22

understand different situations help you

03:24

understand different scenarios and

03:26

that's what I like about those

03:27

certificates is basically it doesn't

03:30

give you a multiple choice of like a

03:31

command line or whatever you to kind of

03:33

humorize which today you can Google it

03:36

you can like use geni geni to kind of

03:39

like I was just going to say AI now you

03:41

can ask AI to do a lot for you uh what

03:43

happens if everybody gets reliant on do

03:46

using Ai and then they don't understand

03:47

some of the fundamental SI you got there

03:49

exactly okay but rather they really

03:51

discuss situations they discuss conflict

03:53

of interest they discuss what is the

03:55

best action if you are trying to protect

03:58

your environment or your dat sense

04:00

information regulations all that stuff

04:02

so I found the certificate validate my

04:06

knowledge help me kind of like build

04:08

confidence in in the field and sometimes

04:11

even secure some uh some jobs like some

04:14

organizations or some Industries they

04:16

still ask for credentials they still ask

04:19

for um um validation from you right so

04:23

that's that's really the idea behind it

04:25

yeah i' I've whenever I look back at the

04:27

certifications I've taken I I I definely

04:30

see the cssp as that Baseline one that

04:32

everybody wants I personally have always

04:34

and maybe I'm biased because I took the

04:35

Sands course where you actually had to

04:37

take like the actual class and you had

04:39

to take the labs and use your challenge

04:42

at the end I found that those to me were

04:44

more worthwhile because I had to

04:46

demonstrate actually skill set yes um

04:49

but that's a a great base level um great

04:53

base layer and I always also say

04:56

that you know while I do see I do know

04:59

people out there who try to brain dump

05:01

stuff things of that nature uh I think

05:04

you can usually you should be able to

05:05

tell that through an interview process

05:08

by just a very yeah you some

05:11

very particular questions should Point

05:14

some of that out um and the people who

05:17

pass these exams the right way we'll

05:19

talk about that right way not only do we

05:21

understand that they have that base

05:22

level but I also know that they can take

05:26

on a project and if it's a some of these

05:29

search might take three to six months

05:30

again I know that they can budget time

05:33

they can study they can get the right

05:34

resources they can ask for help they've

05:36

have a process and I know they could

05:38

take on a project go from beginning to

05:40

end they invested and that tells me a

05:43

lot about uh individuals when they do uh

05:46

when they you know they have these

05:47

certifications absolutely true and um

05:51

speaking about sense for example you are

05:53

saying uh being in a classroom or um I

05:57

definitely recommend that if your budget

05:58

permits go for a boot camp go for

06:01

because like the collaboration between

06:03

you and your peers in the class is

06:05

different you can ask about certain

06:07

scenarios or situations they run into

06:10

because we are usually work with one

06:13

industry or maybe you shift to another

06:14

industry but it's really nice to see how

06:16

other people think in different

06:18

Industries or different sectors what

06:20

type of regulations they they need to

06:22

handle or deal with what type of risks

06:24

to the well Healthcare versus Financial

06:26

both could use security for but have

06:28

different exact um different approaches

06:30

to it I think that's great and um I I

06:34

kind of I wanted to finish off with just

06:36

saying that you've got six out of 10 are

06:38

you going to try to finish all 10 um I

06:41

have plans yeah awesome I on yeah I have

06:44

plans to move on definitely I still

06:46

going to focus on vendor neutral

06:48

certifications rather than vendor

06:50

specific because I think it depends on

06:53

your role what's your career goals in my

06:55

in my case is basically um um I like to

07:00

kind of like work on the whole context

07:03

or understand the full context of

07:05

Technologies the security controls

07:06

rather than focusing on or being a

07:09

subject Market expert in certain

07:10

technology right yeah no sounds good I

07:13

can't wait to see what you're going to

07:14

do next for the certifications it's

07:16

going to be um fun to watch yeah

07:19

[Music]