UK Cyber Security Council launches certification mapping tool

The UK Cyber Security Council has launched the first phase of a certification mapping tool designed to help developing cyber professionals map all available security certifications onto 16 previously identified specialisms – which are collectively based on the Knowledge Areas contained in the Cyber Body of Knowledge (CyBOK).

At launch, it includes at least one certification per specialism, and the Council hopes to be able to add many more options over the course of time. Ultimately, it wants to deliver a “comprehensive resource” guiding security pros to options of value whatever path they are following through their careers.

The latest resource addition follows the recent launch of a career mapping tool that helps budding security pros set out along the initial pathways into the 16 specialisms. Once complete, the Council hopes the two tools will work together to provide a centralised resource for people to roadmap their security careers.

“There are so many different certifications within cyber security, which makes it difficult for candidates to know where to start,” said UK Cyber Security Council CEO Simon Hepburn.

“We know that there are multiple perceived barriers to a career in cyber, and at the Council we want to make sure that certification is not one of them.

“People spend time and money on getting certifications, and it’s important that they do so knowing the level they achieve is aligned to the specialism and role they want to secure,” he said.

“Starting out, a junior cyber professional may see senior people with multiple certifications – likely because they have acquired them throughout their career as different employers have required different skills. This can be overwhelming for new candidates, who may not realise they don’t need all of these certifications straight away.”

Hepburn added: “We are developing a solution to this problem by providing clear advice on what certifications are necessary for each specialism, along with course costs and known providers. Once you’ve identified your specialism through our career mapping tool, we want to ensure the next steps are as straightforward as possible through our certification mapping tool.”

The current set of specialisms are as follows: cryptography and communications security; cyber security audit and assurance; cyber security generalist; cyber security governance and risk management; cyber security management; cyber threat intelligence; data protection and privacy; digital forensics; identity and access management; incident response; network monitoring and intrusion detection; secure operations; secure system architecture and design; secure system development; security testing; and vulnerability management.

The full framework can be accessed here, and the Council is also inviting security professionals to come forward with feedback or further questions.