The Role of College and Certifications in Cybersecurity Careers
In today’s fast-evolving cybersecurity landscape, the debate between the value of a college degree versus professional certifications is more heated than ever. Are traditional four-year degrees becoming obsolete in the face of rapidly updating certification programs? Do hiring managers care more about your ability to persevere through college or your up-to-the-minute skills from industry-recognized certifications? Our recent discussion with Lead Technology Evangelist, James Stanger of CompTIA and our own Jason Dion of Dion Training sheds light on this issue, providing crucial insights for anyone looking to break into the cybersecurity field.
The Value of College Education
Contrary to popular belief, mostly sewn by his own frequent “college bashing” as Jason puts it, he is not against college education—in fact, he holds a bachelor’s degree, two master’s degrees, and several graduate certificates. He emphasized that understanding what college is doing for you is crucial. The main reason hiring managers value a four-year college degree isn’t necessarily the specific knowledge gained, but rather the ability to learn and persist through a challenging program.
Jason says “The key thing to realize is that employers value the degree because it shows you can stick with something difficult for four years.”
One of the limitations of college education, however, is the lag in updating textbooks. When Jason pursued his first master’s degree in IT and information assurance about two decades ago, contemporary topics like cloud computing and software as a service were absent from the curriculum. This delay is due to the time it takes to incorporate new developments into college textbooks.
For example, Jason says the textbooks he used in college didn’t mention cloud or software as a service because those were new concepts at the time. It often takes around five years to get new information into college textbooks. That’s why certifications, which are updated more frequently, can be more relevant. Certifications, such as CompTIA’s Security+, are updated every three years, ensuring that the material is current and relevant. This makes certifications a valuable asset for demonstrating up-to-date knowledge and skills to potential employers.
Stanger says "Certifications give you the currency to say you know the information as it exists today."
Skills-Focused Hiring
The conversation also touched on the growing trend of skills-focused hiring. The White House’s Skills First initiative, which CompTIA actively supports, emphasizes the importance of hiring based on skills rather than traditional educational credentials. This trend recognizes the value of non-traditional and alternative workforces. Stanger commented “We’re seeing a trend towards recognizing the importance of skills-focused hiring. While some employers still prefer four-year degrees, there’s a growing appreciation for practical skills and alternative qualifications.”
In cybersecurity, practical skills are crucial. For instance, in pen testing, the ability to write comprehensive reports is as important as technical hacking skills. Understanding how to communicate findings and recommendations to different audiences—whether technical teams, board members, or IT departments—is essential. For example, Stanger said “The first pen testing job I got, they said, 'James, you’re great at hacking, but we all hate to write, and you know how to write.' Proper reporting is a critical part of pen testing and security analytics. You need to be able to communicate effectively with various audiences.” Proper reporting is a critical part of pen testing and security analytics. Without accurate and detailed write-ups, the technical work becomes ineffective.
In the cybersecurity field, both college education and certifications have their place. While a degree can demonstrate perseverance and the ability to learn, certifications provide up-to-date knowledge and practical skills. The growing trend of skills-focused hiring further underscores the importance of practical experience and alternative educational pathways. Aspiring cybersecurity professionals should focus on acquiring relevant certifications, gaining hands-on experience, and developing strong communication skills to stand out in a competitive job market.
For more insights from our discussion with James Stanger and Jason Dion, watch the full video here.
In today’s fast-evolving cybersecurity landscape, the debate between the value of a college degree versus professional certifications is more heated than ever. Are traditional four-year degrees becoming obsolete in the face of rapidly updating certification programs? Do hiring managers care more about your ability to persevere through college or your up-to-the-minute skills from industry-recognized certifications? Our recent discussion with Lead Technology Evangelist, James Stanger of CompTIA and our own Jason Dion of Dion Training sheds light on this issue, providing crucial insights for anyone looking to break into the cybersecurity field.
The Value of College Education
Contrary to popular belief, mostly sewn by his own frequent “college bashing” as Jason puts it, he is not against college education—in fact, he holds a bachelor’s degree, two master’s degrees, and several graduate certificates. He emphasized that understanding what college is doing for you is crucial. The main reason hiring managers value a four-year college degree isn’t necessarily the specific knowledge gained, but rather the ability to learn and persist through a challenging program.
Jason says “The key thing to realize is that employers value the degree because it shows you can stick with something difficult for four years.”
One of the limitations of college education, however, is the lag in updating textbooks. When Jason pursued his first master’s degree in IT and information assurance about two decades ago, contemporary topics like cloud computing and software as a service were absent from the curriculum. This delay is due to the time it takes to incorporate new developments into college textbooks.
For example, Jason says the textbooks he used in college didn’t mention cloud or software as a service because those were new concepts at the time. It often takes around five years to get new information into college textbooks. That’s why certifications, which are updated more frequently, can be more relevant. Certifications, such as CompTIA’s Security+, are updated every three years, ensuring that the material is current and relevant. This makes certifications a valuable asset for demonstrating up-to-date knowledge and skills to potential employers.
Stanger says "Certifications give you the currency to say you know the information as it exists today."
Skills-Focused Hiring
The conversation also touched on the growing trend of skills-focused hiring. The White House’s Skills First initiative, which CompTIA actively supports, emphasizes the importance of hiring based on skills rather than traditional educational credentials. This trend recognizes the value of non-traditional and alternative workforces. Stanger commented “We’re seeing a trend towards recognizing the importance of skills-focused hiring. While some employers still prefer four-year degrees, there’s a growing appreciation for practical skills and alternative qualifications.”
In cybersecurity, practical skills are crucial. For instance, in pen testing, the ability to write comprehensive reports is as important as technical hacking skills. Understanding how to communicate findings and recommendations to different audiences—whether technical teams, board members, or IT departments—is essential. For example, Stanger said “The first pen testing job I got, they said, 'James, you’re great at hacking, but we all hate to write, and you know how to write.' Proper reporting is a critical part of pen testing and security analytics. You need to be able to communicate effectively with various audiences.” Proper reporting is a critical part of pen testing and security analytics. Without accurate and detailed write-ups, the technical work becomes ineffective.
In the cybersecurity field, both college education and certifications have their place. While a degree can demonstrate perseverance and the ability to learn, certifications provide up-to-date knowledge and practical skills. The growing trend of skills-focused hiring further underscores the importance of practical experience and alternative educational pathways. Aspiring cybersecurity professionals should focus on acquiring relevant certifications, gaining hands-on experience, and developing strong communication skills to stand out in a competitive job market.
For more insights from our discussion with James Stanger and Jason Dion, watch the full video here.
Latest Post
Get Online Courses From
Dion
Explore diverse online courses for learning.