2024 SC Awards Finalists: Best Professional Certification Program

For over 20 years, CISM has been the premier management-level certification for information security professionals, addressing the need to connect IT security with executive leadership. Unlike other certifications, CISM measures both security expertise and the ability to align security programs with business goals. With over 93,000 certified professionals since 2002, CISM holders are distinguished by their knowledge in developing and managing information security programs that protect organizational assets. CISM-certified individuals bring a vital mix of technology and business skills, requiring five years of work experience.

As remote work and AI-powered cyberthreats complicate the security landscape, a holistic approach to enterprise information security is essential. For those transitioning from technical roles to management, the CISM credential is globally respected and equips professionals to meet the urgent demand for experienced information security managers with strong business acumen. With enterprises prioritizing security at upper levels amid rising threats, CISM-certified professionals are highly sought after. Reflecting its value, CISM was ranked among Skillsoft’s top 20 highest-paying IT certifications for 2023.

For more than 50 years, ISACA has empowered individuals and organizations with knowledge, credentials, education, and training to enhance careers and transform businesses. With more than 170,000 members in fields like information security, governance, and risk, ISACA operates in 188 countries and has 225 chapters worldwide. The ISACA Foundation supports IT education and career opportunities for underrepresented and under-resourced populations.

CRISC is the only certification designed to equip IT professionals for the challenges of IT and enterprise risk management, positioning them as strategic partners within their organizations. As technologies like AI, blockchain, and IoT reshape the risk landscape, CRISC-certified professionals are uniquely prepared to help enterprises mitigate new security and business risks. With cybersecurity as a top enterprise concern, CRISC holders manage cyber and other risks by implementing tailored information systems controls. They gain a strong understanding of risk management frameworks and ensure secure implementation of emerging technologies.

OPSWAT Academy training addresses the shortage of skilled professionals in Critical Infrastructure (CI) protection. Unlike traditional IT security programs, it focuses heavily on IT/OT security, offering modules developed by industry veterans with more than 15 years of CI cybersecurity experience. This OT security emphasis sets OPSWAT Academy apart from generic certifications. With 250,000 certified professionals from its CIP Cyber Acquisition, OPSWAT Academy has significantly strengthened the CI cybersecurity workforce, demonstrating its effectiveness and industry recognition.

OPSWAT Academy stands out by focusing on the specific security needs of Critical Infrastructure (CI) environments, addressing the often-overlooked IT/OT security gap in traditional programs. This specialized curriculum equips professionals to protect essential systems. Beyond training, OPSWAT Academy collaborates with educational institutions and government agencies to offer scholarships, expanding access to cybersecurity education. This commitment to knowledge democratization and our industry-endorsed curriculum positions OPSWAT Academy as a leader in CI cybersecurity. In 2024, we launched instructor-led boot camps, ensuring professionals stay updated with the latest skills to tackle evolving threats.

OffSec enhances IT security professionals’ expertise through comprehensive, hands-on training that covers a range of cybersecurity topics, from basic to advanced techniques. Their practical approach includes access to virtual labs for real-time skill application. OffSec’s rigorous certifications, requiring both theoretical and practical proficiency, are highly respected in the industry. They also support the broader community by maintaining Kali Linux and offering extensive free resources, ensuring professionals stay equipped with the latest tools and knowledge. Continuous updates and community engagement keep OffSec’s training relevant and effective for evolving cybersecurity challenges.

PEN-200: Penetration Testing with Kali Linux features an immersive, hands-on approach. Unlike theoretical courses, PEN-200 immerses learners in real-world scenarios through extensive virtual labs, challenging them to apply hacking techniques in controlled environments. The course progresses from basic to advanced penetration testing skills, ensuring practical understanding. It also prepares students for the rigorous OffSec Certified Professional (OSCP) exam, renowned for its practical testing format. This direct pathway to certification, coupled with realistic training, sets PEN-200 apart as an effective and industry-relevant program.

In October 2023, Fortinet’s certification program was restructured to streamline career development in cybersecurity, featuring five proficiency levels with multiple certifications for clear career paths. Key benefits include:

• Free access to self-paced training, affordable remote labs, and online proctored exams at higher levels.
• 600+ hours of training in various languages globally.
• Flexible ILT/V-ILT courses in full or half-day sessions.
• Enhanced on-demand labs for improved learning.
• Annual updates to courses and exams reflecting technology trends and cybersecurity needs.
• Partnerships with academic institutions, outreach groups, and organizations like the World Economic Forum.

More than 1.5 million certifications have been issued, with 30% YOY growth and a 94% CSAT score. Feedback led to these changes:

• Core and elective exams for specialized skills.
• Scalable and adaptable certifications, such as the new FCSS in Secure Access Service Edge.
• Digital badges at exam and certification levels for flexibility in showcasing competencies.
• Options for self-paced, instructor-led, and virtual instructor-led training.
• Online proctored exams via a scalable platform.
• Regular exam performance reviews based on psychometric analysis.

This modularity ensures the program aligns with evolving industry needs.