Whether you are an experienced InfoSec professional or just getting into the field, you will be confronted by a wide range of InfoSec certifications. Security+, CISSP, CISA, CEH, CC, etc. What are these certifications? What does it take to obtain them and keep them? Which ones should I focus on? And just as important, do I really need to obtain one for my career?

In this presentation, we will go over the basics of certifications: why they exist, how they are obtained, and how they are maintained. We will look at the InfoSec certifications from the 5 main certifying bodies, CompTIA, ISC2, ISACA, EC-Council, and SANS/GIAC. And we will look at several related certifications that InfoSec professionals may also wish to pursue. Just as important, we will take a look at which certifications are most important based on your career focus.

At the end of the presentation, attendees should have a better understanding of certifications and a good idea as to which ones they may want to pursue.

This presentation has been updated for 2023, as there are several new certifications. The author himself has several certs from several organization and thus has experience in obtaining and maintaining them.