woman-typing-on-laptop-cyber-security-interface-picture-id1221170199 (2)

Search For Schools


Cybersecurity Certificates & Certifications

In 2021, the number of cyberattacks rose by over 15 percent, costing businesses $6.9 billion dollars. Just as worryingly, only half of US businesses surveyed in the same year had a cybersecurity plan in place. Experts forecast that the number of cyber-attacks will continue to rise in the coming years, growing in scale, complexity, and severity; the need for expertly-trained cybersecurity professionals will grow in parallel.

According to the Bureau of Labor Statistics (BLS 2022), cybersecurity (information security analysis) is one of the fastest-growing fields, projected to grow 35 percent between 2021 and 2031, adding 56,500 jobs. It’s also a high-paying industry: the median salary for information security analysts is $102,600 annually.

Compared to other high-paying professions, the educational requirements for cybersecurity professionals are cheaper and shorter in duration: many can get started in this career with only a bachelor’s degree, and advance further through cybersecurity certificates and certifications.

Differences Between Cybersecurity Certificates and Cybersecurity Certifications

Cybersecurity certificate programs are housed within traditional universities and represent the completion of a designated sequence of courses in cybersecurity. The specific nature of those courses, as well as the quantity, will vary from program to program.

Certificate programs can take place at the undergraduate or graduate level: the former will likely cover cybersecurity fundamentals, while the latter will focus on a specific cybersecurity niche. Applicants can be either IT professionals looking for specialization or non-IT professionals looking to upskill in cybersecurity basics.

Certificate programs can range in length from a few days to a few months. Holding a cybersecurity certificate is rarely a requirement for attaining a cybersecurity job, but it can demonstrate competency in one or more specific areas that employers value; it can also help prepare one for cybersecurity certification.

Cybersecurity certifications are offered by independent organizations outside of the traditional education system and do not require the completion of any coursework. Certifications are meant to assess the abilities, knowledge, and skills an applicant already has.

To earn a professional certification, applicants will need to pass an exam or exams; as such, the certification process itself may only last a few hours, but preparation beforehand can take weeks or months. Those who hold certifications will also need to maintain them over time, often through earning a certain number of continuing education units (CEUs). Some cybersecurity certifications are considered industry standards, and it’s not uncommon for employers to request them from job applicants.

The bottom line: Cybersecurity certificate programs are educational programs for early- to mid-career professionals to gain either fundamental or specialized cybersecurity knowledge in a structured and certified way; cybersecurity certifications are an industry-standardized, exam-based way for IT professionals to prove the cybersecurity skills they already have.

Online Cybersecurity Certificate Programs

Stanford Online

Stanford Online offers an online advanced cybersecurity certificate program designed for IT professionals and taught by world-class faculty from Stanford University. Students will learn to create secure code, use cross-domain security measures, deploy an information security program, engage stakeholders in cybersecurity issues, and prepare countermeasures to protect an organization from cyber threats.

The program consists of one required course and five electives, covering areas including network security, mobile security, and protecting web applications. It is recommended that students in this certificate program have a bachelor of science in computer science or a background in cybersecurity.

  • Location: Palo Alto, CA
  • Duration: Six to nine months
  • Tuition: $2,970 total

Harvard Extension School

Harvard Extension School offers an online graduate certificate in cybersecurity for mid-career professionals. Students will build a robust understanding of information security systems, and how to interact with and communicate about those systems and their threats.

The program consists of two required courses and two electives. The pool of electives is deep, with options including cryptography and identity management for cloud and IoT applications; networking at scale; systems programming and machine organization; and governance, threats, conflict, privacy, identity, and governance in the cyber world.

Most students in this program are already employed full-time, but there are no requirements beyond being comfortable with technology, technical terms, and technical documents.

  • Location: Cambridge, MA
  • Duration: 18 months
  • Tuition: $12,400 total


Hosted by the Bowers College of Computing and Information Science at Cornell University, eCornell’s online cybersecurity certificate gives students practical literacy in cybersecurity. The program includes the following courses, taken in sequential order: systems security; authenticating machines; authenticating humans; discretionary access control; mandatory access control; and enforcement mechanisms and strategies. Each class has under 35 students, and generally requires five to eight hours of work per week.

While not a strict requirement, students will feel most comfortable if they have some familiarity with programming and operating systems.

  • Location: Ithaca, NY
  • Duration: Four to five months
  • Tuition: $2,730 total

UCLA Extension

UCLA Extension offers an online certificate in cybersecurity for IT professionals looking to advance their understanding of cybersecurity. Students will learn the basics of cybersecurity and gain hands-on experience with OSI stack security, hacking methodologies, penetration testing, and defensive strategies.

The program consists of four required courses: fundamentals of cybersecurity; information systems infrastructure security management; network, operating system, and database security; and a cybersecurity lab in defensive tools. Students will graduate with an understanding of the concepts needed for top cybersecurity certifications.

  • Location: Los Angeles, CA
  • Duration: Six to 12 months
  • Tuition: $3,980 total

Online Cybersecurity Certification Programs

CompTIA Security+

CompTIA’s Security+ certification is one of the most widely recognized in the industry, validating the basic skills necessary to work in the cybersecurity field. It is the only entry-level cybersecurity certification that emphasizes hands-on skills, and it adapts itself to the latest trends and techniques in the industry.

Candidates for the Security+ certification are recommended to have two years of IT experience and a Network+ certification from CompTIA, but neither is a strict requirement. The 90-minute qualifying exam includes multiple-choice questions, drag-and-drop activities, and performance-based items. Knowledge domains include threats, attacks, and vulnerabilities; identity and access management; technologies and tools; risk management; architecture and design; and cryptography and PKI. Exam fees total $381.

CompTIA also offers more advanced certifications, such as:

Certified Ethical Hacker (CEH)

The EC-Council, the world’s largest certification body for information security professionals, offers the Certified Ethical Hacker (CEH) certification for IT professionals interested in penetration testing. Those who hold CEH certifications have an understanding of the latest commercial-grade hacking tools and techniques. Applicants will need two years of experience in information security and to have graduated from EC-Council training modules.

The four-hour CEH exam includes 125 multiple-choice questions across the following areas: information security threats and attack vectors; attack detection; attack prevention; procedures; and methodologies.

Exam fees total between $950 and $1,199. Those who hold the CEH certification may advance to the level of CEH Practical and then CEH Master.

The EC-Council also offers advanced certifications in the following areas:

Certified Information Security Manager (CISM)

Hosted by the Information Systems Audit and Control Association (ISACA), the Certified Information Security Manager (CISM) certification is designed for IT professionals looking to solidify their management and leadership experience. Applicants will need at least five years of experience in a managerial role related to cybersecurity.

The 150-question certification exam is split into four areas: information security governance; information security risk management; information security programs; and incident management. Exam fees are $575 for ISACA members and $760 for nonmembers.

ISACA also offers other cybersecurity certifications, such as:

Certified Information Systems Security Professional (CISSP)

The International Information System Security Certification Consortium, also known as (ISC)², offers the Certified Information Systems Security Professional (CISSP) certification for experienced cybersecurity professionals seeking to advance their careers. Applicants will need at least five years of experience in at least two different areas of cybersecurity.

The six-hour, 125-question qualifying exam covers eight domains: security and risk assessment; asset security; security architecture and engineering; communication and network security; identity and access management; security assessment and testing; security operations; and software development security. Exam fees total $749.

(ISC)² also offers other advanced certifications, such as:


Matt Zbrog

Matt Zbrog is a writer and researcher from Southern California. Since 2018, he’s written extensively about the increasing digitization of investigations, the growing importance of forensic science, and emerging areas of investigative practice like open source intelligence (OSINT) and blockchain forensics. His writing and research are focused on learning from those who know the subject best, including leaders and subject matter specialists from the Association of Certified Fraud Examiners (ACFE) and the American Academy of Forensic Science (AAFS). As part of the Big Employers in Forensics series, Matt has conducted detailed interviews with forensic experts at the ATF, DEA, FBI, and NCIS.