In late February, a ransomware attack on Change Healthcare (a division of United Healthcare, the nation’s largest insurer) crippled pharmacies nationwide. This interrupted access to dental and medical records, and halted insurance billing at hospitals and clinics. The attack created chaos and affected millions of Americans, many of whom were unable to obtain their prescription medications for more than two weeks.
Change Healthcare isn’t alone. The US Department of Health and Human Services is currently investigating almost a thousand cases of security breaches at hospitals, clinics, and insurance companies. HHS spokesperson Jeff Nesbit told the New York Times: “This incident serves as yet another reminder … of the urgency of strengthening cybersecurity [resilience] across the ecosystem.”
A data breach wreaks havoc and costs its victim an average of $4.45 million. To combat cyberattacks in all industries, the field of cybersecurity is currently among the fastest-growing fields in information technology: from May 2022 to April 2023, there were 660,000 cybersecurity-related job openings in the United States—up 28 percent from the same time period in 2020–21. The workforce is growing fast, but the need is growing faster.
CompTIA CyberSecurity certifications: the building blocks of cybersecurity
The CompTIA Cybersecurity Career Pathway offers a structured approach for IT professionals who need to advance a career in cybersecurity—from entry-level hands-on operational security to senior-level strategic planning.
The CompTIA Cybersecurity Pathway is formally composed of four certifications:
- CompTIA Security+
- CompTIA Cybersecurity Analyst (CySA+)
- CompTIA PenTest+
- CompTIA Advanced Security Practitioner (CASP+)
Trainees can enter the CompTIA Cybersecurity Certification Pathway at any point based on experience and existing certifications. CompTIA A+ and Network+ are recommended for total beginners with no IT or or information security experience who need to come up to speed. CompTIA Security+ is the ideal place to start the pathway for early-career cybersecurity professionals. CySA+ and PenTest+ are co-equal, differing by security posture (CySA+ is a defensive “blue team” stance, while PenTest+ embraces a “red team” offensive approach).
A detailed look at CompTIA Cybersecurity certifications
CompTIA Security+ is where most IT professionals start. This certification program focuses on foundational, hands-on cybersecurity knowledge, covering essential principles for network security and risk management. Skills covered include:
- Monitoring and securing hybrid environments, including cloud, mobile, Internet of Things (IoT) and operational technology (OT)
- Building awareness of applicable regulations and policies, including principles of governance, risk, and compliance
- Identifying, analyzing and responding to security events and incidents.
CompTIA suggests at least two years of experience in systems administration or cybersecurity before starting Security+.
CompTIA Cybersecurity Analyst (CySA+) is for IT professionals looking to grow their defensive (“blue team”) cybersecurity skills and knowledge in cybersecurity analytics. The CompTIA Cybersecurity Analyst (CySA+) certification is for cyber professionals tasked with incident detection, prevention and response through continuous security monitoring. CySA is intended for professionals who have already earned the Security+ certification, or have three to four years of cybersecurity field work.
CompTIA PenTest+ is designed for IT professionals responsible for offensive (“red team”) cybersecurity: penetration testing and vulnerability management. CompTIA CSA+ focuses on defense through incident detection and response, while the concurrent CompTIA PenTest+ focuses on offense through penetration testing and vulnerability assessment: scanning, identifying, exploiting, reporting, and managing network weakness. As with CySA, this program is recommended for IT professionals with three to four years of cybersecurity field work.
CompTIA Advanced Security Practitioner (CASP+) is designed for IT professionals with at least five to ten years of experience. This certification dives deep into critical thinking and judgment across a broad spectrum of security disciplines. It is designed for those stepping into senior job roles as security engineers, security analysts, and cybersecurity architects or consultants. CASP+ is intended for those who wish to remain hands-on with enterprise-level security, incident response, and architecture, rather than strictly managing cybersecurity policy and frameworks.
Navigating the CompTIA Cybersecurity Certification Pathway with Pearson
Pearson offers a full range of video, self-led, and instructor-led courseware to guide your workforce down the CompTIA certification pathway. All Pearson courseware is written based on vendors’ certification objectives and domains, so it is directly aligned with certification.
Because nothing prepares as well as hands-on experience, every course on the pathway is supported by Pearson’s CertPREP Training Labs. In the virtual Training Labs students and IT professionals get hands-on practice without disrupting your network or business. Labs are cloud-hosted for maximum flexibility and availability. Each thirty- to sixty-minute scenario is tailored to a meaningful challenge, with automated assessments and feedback.
Contact us today to begin your journey on the CompTIA Cybersecurity Certification Path and strengthen your workforce.
Looking for IT training and learning solutions to upskill your existing team or attract new pros?
Explore our catalog of IT certification prep materials, including courseware, practice tests, certification exam vouchers and more.
