@Kingdavid55 as
@denbesten points out CC is not going to get you a job. If you don’t have experience in any IT role get an IT role before you go into Cybersecurity, unless you’re looking at trainee or intern positions or they are exceptionally talented anyone getting interviewed that doesn’t have a computer science degree with no IT experience will not get a job in cybersecurity.
There isn’t enough preparation in the industry for widespread recognition of CC, though I think there’s some hope that a bit of the CISSP will rub off, raising the CC up but it doesn’t have the benefit of peer certified/endorsed/validated experience, and really is entry level. Even more so than SSCP, which at least has an experience requirement.
CompTIA’s Security+ is the one entry level certification that really has a bit of an ‘in’ because it’s got a long history and has simulation questions(it terms them Performance Based Questions or PBQs), normally security+ candidates might have A+, Network+, Linux+ etc making them pretty useful right away. Contrasting this CC is limited to book knowledge in five domains.
ISC2 is trying to replace or complement Security+ by offering a competing certification with some free training and a free test for a limited time, but look at how much you’ll need to stump up if you don’t pass first time… and in any case. pay fifty USD per year afterwards let’s say you’re 22 now and plan on working till you are 67 and never sit CISSP or another ISC2 that’s 2600 USD, not a bad PUPY, and a better deal than a CISSP member(125 USD PUPY) for the same cost as an associate, but it is still a significant investment.
To do it ISC2 certainly are not holding back on marketing words and hyperbole:
“Take the first step to a rewarding career with Certified in Cybersecurity (CC) from ISC2, the world’s leading cybersecurity professional organization known for the CISSP. You don’t need experience — just the passion and drive to enter a field that opens limitless opportunities around the globe.”
This might make you feel that CC is sort of CISSP junior, and look a CISSP gets paid X, therefore you might think with CC and the cybersecurity hiring shortage I could instantly get Y! “No Experience…limitless opportunities…Globe!”
But Here be Dragons.
Unfortunately CISSP gets paid precisely nothing, as do any of the letters you get, Security+, OCSP, CC etc the badges, certificates etc. none of them do any work… it’s people.
Employers with cybersecurity needs hire experienced, skilled people who can design systems, build them, troubleshoot them, break into them, repel attackers, influence decision makes with logical argument etc - certs are nice, qualifications are nice, they may be required - but without the experience they are worth nothing - ISC2s certifications do help filter out paper tigers, but with no experience ISC2’s CC can’t do this.
It’s good to have a CC in the balance, it will probably get better as there is more recognition but realistically without at least some experience in IT you won’t go through automated filters, let alone HR. As a hiring manager you get used to having no CVs… and that’s not true, they just got screened out.
There will always be exceptions, but if these are few and far between then the rule is probably good.
Do carry out a weekly study of the employment markets in the jurisdictions you can legally work in and search for prevalence of keywords etc, not all adverts are real, and many reqs get pulled - but if you trend these over time you can see what the demand is - this let’s you plan your certification path sensibly- and if you are starting out Microsoft, Google, AWS, Cisco and VMWare certifications on tools you use are very helpful.
Sorry for waxing lyrical, but I do feel there are going to be a lot of people investing time, effort and money on something that might not help them now and could be much more useful with a year or twos experience in IT.
