File Picture (supplied:Reuters)

CAPE TOWN - Lately around the world and especially in South Africa data breaches and cyberattacks are on the  rise so any information you would regard as personal is at risk. 

ALSO READ: #Dataleaks:You can now see if you are a victim

The need for more certified cybersecurity experts and professionals have increased in corporate and organisation to prevent themselves from being vulnerable to hackers and cyber thieves.

The cybersecurity field has received a major surge of up to 80% over the past three years which is more than any other IT-related job. 

However, before getting started in your career as a cybersecurity expert, it's important to understand the basics of networks and how data moves from place to place.

So it is in your best interest to gain some valuable cyber security certifications.

ALSO READ: Cyber Attack Update: Global corporates attacked

Cybersecurity certifications not only boost your skills but also verify your knowledge and credibility.

Here are a list of Cybersecurity certfications that you would need:

1. CISA - Certified Information Systems Auditor

The CISA certification is regonised across the world as the standard of achievement for those who audit, monitor, access and control information technology and business systems.

Being CISA-certified showcases candidates for their audit experience, skills, and knowledge, and signifies that you are an expert in managing vulnerabilities, instituting controls and ensuring compliance within the field. 

2. CISM - Certified Information Security Manager

The demand for skilled information security managers is on the rise and CISM is the globally accepted certification standard of achievement in this area.

The uniquely management-focused CISM certification ensures and recognises your expertise to manage, design, and oversee and assess an enterprise's information security.

3. CISSP - Certified Information Systems Security Professional

The CISSP certification is a globally-recognised certification in the field of information security. 

Offered by the International Information Systems Security Certification Consortium, commonly known as (ISC)², CISSP  requires a broad level of knowledge.

Marco Slaviero, Lead Researcher at Thinkst  Applied Research, a company with a focus on information security shares his tips on what to consider when entering the field: 

1. Certifications matter less than you think

We routinely hired folks with no degrees or certificates, but who demonstrated aptitude or experience. 

More important is demonstrating that you're actively educating yourself. Fiddle, play, experiment.

2. Challenge yourself 

Great attackers are constantly challenging their own assumptions about how something works, and digging deeper. This mindset will pay off in spades. 

3. Learn to code decently 

It's not sufficient to say "I'm not a programmer". Security folks with coding abilities are gold.

4. Avoid specialising, Be broad. 

Roles in the infosec space are fragmenting as specialisation is taking off. 

Resist specialising as long as possible, otherwise you'll be shoehorned into (say) an web application security, or security operations, or network security stream.

 Aim to be a generalist with the knowledge that at some point you'll likely have to pick. The longer you put of specialisation, the more options you'll have when you eventually must.

Marco explains that when entering the field, newcomers don't always understand that their are always challenges in any system 

"What lots of newcomers to security struggle to grasp is that a) almost any system that claims to be "secure", isn't. And b), that's ok. The real question is not whether something is "secure", it's whether the system is designed to address a specific threat model. For example, Apple's TouchID fingerprint reader provides better security than typing in a PIN code, but isn't perfect", says Slaviero. 


"Being able to handle the messiness of real world security problems involves a delicate balance between your technical knowledge and the actual problem you're trying to solve in the real world" 

"for another example, see Facebook's recent system to combat so-called revenge porn. The solution is horrible, except it's better than the alternative", concludes Slaviero. 

- BUSINESS REPORT ONLINE