Dear Readers 🙏,

The Demand for Cyber Security Professionals Is Strong. 

Whether you’re just starting off in the cyber-security field or are already working as a security professional, there are many certifications for you to consider across various specializations and difficulty levels. Before jumping to the certifications let’s having look of cyber security mind-map:

cybersecurity domains v2-0 henry jiang.png

Top cybersecurity certifications

  • CISSP – Certified Information Systems Security Professional (ISC2)
  • CISA – Certified Information Systems Auditor (ISACA)
  • CISM – Certified Information Security Manager (ISACA)
  • CGEIT – Certified in the Governance of. Enterprise IT (ISACA)
  • GSEC – GIAC Security Essentials Certification
  • CRISC – Certified in Risk and Information Systems Control (ISACA)
  • CEH – Certified Ethical Hacker (EC-Council)
  • ECSA – EC-Council Certified Security Analyst (EC-Council)
  • CSX – CyberSecurity Essentials (ISACA – Fundamentals, Technical Foundations, Practitioner)
  • GPEN – GIAC Penetration Tester
  • CompTIA Security+
  • SSCP – Systems Security Certified Practitioner (ISC2)
  • OSCP – Offensive Security Certified Professional
  • ISO 27032:2012 (Guidelines for Cybersecurity)

Digital Identity

  • ForgeRock Certified Access Management Specialist
  • SailPoint Certified Identity Professional
  • Okta Certified Professional
  • Okta Certified Administrator
  • SailPoint certifications
  • Splunk certifications


  • CIPP – Certified Information Privacy Professional
  • CIPM – Certified Information Privacy Manager
  • CIPT – Certified Information Privacy Technologist
  • CLPI – Certified Lead Privacy Implementer
  • DPO – Certified Data Protection Officer
  • GDPR Implementation by BSI


  • PCIP – Payment Card Industry Professional
  • CPISI – Certified Payment Card Industry Security Implementer

Cloud security

  • CCSP – Certified Cloud Security Professional (ISC2)
  • CCSK – Certificate of Cloud Security Knowledge
  • AWS (Associate, Professional, Security)
  • Azure Security
  • CCNA Cloud
  • CompTIA Cloud+
  • MCSE – Microsoft Certified Solutions Expert (Cloud Platform and Infrastructure)
  • NCCA – Netskope Certified Cloud Associate

Secure Software Lifecycle

  • CSSLP – Certified Secure Software Lifecycle Professional (ISC2)
  • GWEB: Certified Web Application Defender (SANS, Advanced)
  • GSSP-JAVA: Secure Software Programmer – Java (SANS, Advanced)
  • GSSP-NET: Secure Software Programmer – .NET (SANS, Advanced)

Business Continuity

  • AMBCI – Associate Member of BCI (Business Continuity Institute)
  • MBCI – Member of BCI
  • AFBCI – Associate Fellow of BCI
  • FBCI – Fellow of BCI
  • ABCP – Associate Business Continuity Professional (Disaster Recovery Institute)
  • CBCP – Certified Business Continuity Professional
  • CFCP – Certified Functional Continuity Professional
  • MBCP – Master Business Continuity Professional
  • ISO 22301 (Business Continuity Management – Implementation, Lead Auditor)
  • EDRP – EC-Council Disaster Recovery Professional

Architecture & Design

  • TOGAF 9.1 Level 1 and Level 2
  • SABSA Foundation (F1&F2)
  • SABSA Practitioner (A1 & A3)
  • SABSA Master
  • CISSP-ISSAP – CISSP Information Systems Security Architecture Professional
  • CISSP-ISSEP – CISSP Information Systems Security Engineering Professional

Cyber Defence

  • GISF – GIAC Information Security Fundamentals (SANS, Introductory)
  • GSEC: Security Essentials (SANS, Intermediate)
  • GCED: Certified Enterprise Defender (SANS, Advanced)
  • GPPA: Certified Perimeter Protection Analyst (SANS, Advanced)
  • GCIA: Certified Intrusion Analyst (SANS, Advanced)
  • GCWN: Certified Windows Security Administrator (SANS, Advanced)
  • GCUX: Certified UNIX Security Administrator (SANS, Advanced)
  • GMON: Continuous Monitoring Certification (SANS, Advanced)
  • GCDA: Certified Detection Analyst (SANS, Advanced)
  • GCCC: Critical Controls Certification (SANS, Advanced)

Penetration Test

  • CRT Pen – CREST Registered Penetration Tester
  • GCIH: Certified Incident Handler (SANS, Intermediate)
  • GPEN: Certified Penetration Tester (SANS, Advanced)
  • GWAPT: Web Application Penetration Tester (SANS, Advanced)
  • GPYC: Python Coder (SANS, Advanced)
  • GMOB: Mobile Device Security Analyst (SANS, Advanced)
  • GAWN: Assessing Wireless Networks (SANS, Advanced)
  • GXPN: Exploit Researcher and Advanced Penetration Tester (SANS, Advanced)
  • Licensed Penetration Tester (EC-Council, Master)

Digital Forensics and Incident Response

  • GCFE: Certified Forensics Examiner (SANS, Intermediate)
  • GCFA: Certified Forensic Analyst (SANS, Advanced)
  • GNFA: Network Forensic Analyst (SANS, Advanced)
  • GCTI: Cyber Threat Intelligence (SANS, Advanced)
  • GASF: Advanced Smartphone Forensics (SANS, Advanced)
  • GREM: Reverse Engineering Malware (SANS, Advanced)
  • CHFI – Computer Hacking Forensic Investigator (EC-Council)
  • ECIH – EC-Council Certified Incident Handler
  • C|TIA – Certified Threat Intelligence Analyst (EC-Council)
  • Advanced Mobile Forensics and Security (EC-Council, CAST 612)

Management and Leadership

  • Associate of (ISC2)
  • CISSP-ISSMP – CISSP Information Systems Security Management Professional
  • GISP: Information Security Professional (SANS, Intermediate)
  • GSLC: Security Leadership Certification (SANS, Advanced)
  • GSTRT: Strategic Planning, Policy, and Leadership (SANS, Advanced)
  • GCPM: Certified Project Manager Certification (SANS, Advanced)
  • GLEG: Law of Data Security and Investigations (SANS, Advanced)
  • GSNA: Systems and Network Auditor (SANS, Advanced)
  • C|CISO – Certified Chief Information Security Officer (EC-Council)

Industrial Control Systems

  • GICSP: Global Industrial Cyber Security Professional (SANS, Intermediate)
  • GRID: Response and Industrial Defense (SANS, Advanced)
  • GCIP: Critical Infrastructure Protection (SANS, Advanced)

Application security

  • CASE – Certified Application Security Engineer (EC-Council, Java)
  • CASE – Certified Application Security Engineer (EC-Council, .Net)
  • ECES – EC-Council Certified Encryption Specialist
  • Web Application Security (EC-Council, CAST 613)
  • OSWE – Offensive Security Web Expert

Network security & Infrastructure

  • CND – Certified Network Defender (EC-Council)
  • CNDA – Certified Network Defense Architect (EC-Council)
  • Advanced Network Defense (EC-Council, CAST 614)
  • Windows Infrastructure Security (EC-Council, CAST 616)
  • CSCU – Certified Secure Computer User (EC-Council)


  • CAP – Certified Authorisation Professional (ISC2)
  • HCISPP – Health Care Information Security and Privacy Practitioner (ISC2)
  • CPSA – CREST Practitioner Security Analyst
  • KLCP – Offensive Security Kali Linux Certified Professional
  • ECSA – EC Council Certified Security Analyst
  • ECSS – EC-Council Certified Security Specialist
  • ISO 27001:2013 (Information security Management system – Lead Implementor, Internal Auditor, Lead Auditor)
  • ISO 27002:2013 (Information security Management system – Implementation)
  • ISO 27005:2018 (Information Security Risk Management)
  • ISO 31000:2018 (Risk Management – Introduction, Implementation)
  • ISO 27035 (Incident Management – Lead Incident manager)

👉 Note: Part -2 coming soon


2 Comments Add yours

  1. Honest Makina says:

    How can i learn these programmes??


    1. D3pak Kumar says:

      @Honest Makina
      Learning is an art, first chose any specific area and then search on internet there are many free online resources to learn… For example cybrary,mit,udemy,coursera etc.

      One’s coming to programming domain then learn the emerging technology programming languages …


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.