The Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are two of the most popular cybersecurity certifications available. Both certifications cover a wide range of topics, including network security, application security, and security operations. However, there are some key differences between the two certifications.
Both Google Cybersecurity Certificate and the ISC2 Certified in Cybersecurity are considered entry-level certifications
The Google Cybersecurity Certificate is very friendly for people who did not come from a computer background, but if you already know IT, Linux, SQL, or Python, you will have an advantage here. You will also learn some practical cybersecurity tools, such as SIEM and Splunk log reading, and you will end up trying to write incident report logs, short analysis reports, and so on.
The ISC2 Certified in Cybersecurity is more focused on theoretical and base level knowledge, with a bit more discussion on the differences among incident response, business continuity, and disaster recovery. Typically BC and DR are IT functions, but with cybersecurity on the rise, they are often now considered part of the cybersecurity domain.
Here is a table that summarizes the key differences between the two certifications:
* There are two versions of the “Certified for Cybersecurity” prep course, one from Coursera, and one from ISC2 itself (on its own website, isc2.org). The one from Coursera has some peer-graded assignments that’s not in the other one.
** The prep course hosted on ISC2 website is free under the “One MIllion” initiative, and has no time limit for completion (though you probably should finish before the end of 2023). The Coursera one is under the usual $49 a month 7-day free trial pricing structure.
*** The certification exam for “Certified in Cybersecurity” is $199, but again, the “One MIllion” initiative means you get the exam for FREE, by joining ISC2 as an Associate Member for free
**** I started the Coursera version on Thursday, and finished all coursework by Saturday, but had to wait for my peer-review assignments to be graded, which took another day or two. I then took the ISC2 version, starting Saturday and finished Sunday. I then took and passed the certification exam on Tuesday. So in total, the 2 courses took me 5 days, thus, 2.5 days per course.
Thoughts on Google Cybersecurity Professional Certificate
Pros
- Very beginner friendly
- Touches upon Python, SQL, and Linux, and tools like SIEM, Wireshark, and so on
- Discount for CompTIA Security+ prep and exam
- It’s from Google! Who doesn’t know Google?
Cons
- Covers a LOT of topics… by skimming / barely touching
- Does not cover much business continuity and disaster recovery
- Does not go into deeper networking or access control
I finished all 8 courses in the Google cybersecurity professional certificate program on Coursera in 5 days. My impression is quite positive. I have well over 10 years of experience in IT and software engineering, and I learned quite a bit about cybersecurity.
The problem is Google, in order to cover all these things, barely touched most of them.
Another reason I was able to finish in only 5 days, was that I already knew some Linux, quite a bit of SQL, and I’ve taken several Python courses before. So knowing one or more of those topics will definitely help you finish this quickly.
One thing to note is even Google acknowledges the 8 domains of cybersecurity as formalized by ISC2 (CISSP is “Certified Information Systems Security Professional”, one of the higher certifications you can get from ISC2).
While the course does cover a lot of ground, it also means it had to skim over a LOT of content. This is an introductory course to cybersecurity programming, and you will not achieve any in-depth knowledge here, nor was it ever meant to. As a result, this does not really cover things like business continuity and disaster recovery. It also does not cover in detail the 7-layer OSI networking model, which can be very useful when identifying the incoming attack, but that’s probably NOT something they would assign to an entry-level cyber security analyst anyway.
I’ve said it before, and I’ll say it again. This will not get you a job. This is just to get you used to the terms and concepts in cybersecurity, to make sure you really want to get into this field.
Thoughts on ISC2 “Certified in Cybersecurity” (aka CC)
Pros
- Straight knowledge test, no essays or such
- Has an actual certification exam
- Back by a professional association of the industry
- Discounts for further certification prep and more
Cons
- Not as famous as Google (or IBM, or Microsoft)
- Need to pay membership fee (but it’s only $50/year)
- It expires in 3 years unless you go get CPE units.
The way I finished this certification has a couple twists and turns.
I actually started on Thursday on the Coursera version of the prep course, which has 5 separate courses. You do get a completion certificate, but that does NOT mean you get the actual certificate, as I realized I have to take the exam. While searching for a discount code for the exam, I stumbled upon the “One Million CC” initiative, where ISC2 is giving away 1 million sets of exam prep and exam vouchers so 1 million people can become CC (certified in cybersecurity) in 2023. So while I waited for some of my peers to grade my peer-graded assignments in the Coursera version, I started on the ISC2 version of the prep course, which also has 5 primary modules/courses and covers the same topics. I started on Saturday and was able to finish on Sunday.
In other words, I took the CC Prep Courses TWICE in 5 days, then took the exam, and passed.
Probably because I took everything twice, the content was quite fresh in my mind when I took the test 48 hours later (on Tuesday). I said in the video that I was not able to go back to review my answers. 100 questions, straight through, and that’s it. I passed anyway.
I would say the requirement to take the exam at a proper Pearson VUE testing center is quite nice, and adds to the challenge. Of course by then I’ve taken no less than 3 mock tests (of 75 questions each) and there were really no surprises except I should have remembered a bit more about the OSI 7-layer model.
Please read the exam objectives on the ISC2 website, as they will throw in some experimental questions (25, so total is 100 questions) at you, and you’d be wondering: wait, they never covered that?! Just answer the best you can. Those questions are NOT graded, but you don’t know which ones, so you have to do your best.
Career Path “Advice”
Can you get a job with Google CS Cert? IMHO, no. But it’s a good prep for CompTIA S+.
Can you get a job with ISC2’s CC cert? IMHO, “probably not.
Can you get a job with CompTIA S+ cert? Probably. You are more likely to get a job if you also get one of the blue or red team certs, like CySA+ or PenTest+.
In Conclusion
You should get both certs, if you have enough time. I think they complement each other. Google version is more broad, and covers actual examples of incident response, post-incident forensics, log analysis, risk evaluation, and so on. However, it never went into any area with any depth, so understanding is superficial at best. ISC2 version covers stuff in more detail, but lacks the “essay” type stuff (like writing incident reports) and log exploration like those in the Google one. And HR may be more impressed by the ISC2 issued certification, which you have to test for, than one you get directly from Coursera.
Anyway, I hope you find this useful as you pursue a career in Cybersecurity.
See you in the next one.
Here are some additional resources to help you decide which certification is right for you:
Comments
Post a Comment