Loading summary
A
You're listening to the Cyberwire Network powered by N2K.
B
This episode is supported by Black Hat usa. If you follow the research, you know a lot of it breaks on Black Hat stages hundreds of peer reviewed briefings, more than 100 hands on trainings, and the largest business hall in Black Hat's history. Six days to learn the skills you'll need tomorrow, August 1st through the 6th, use code CYBERWIRE for $200 off your briefings pass@blackhat.com we'll see you in Vegas.
A
The word is certification. SPEL certification, as in a voucher of expertise. Definition A credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams. Example sentence the CompTIA Security plus certification displayed the job seeker's expertise with certain fundamental cybersecurity concepts. Origin and context There are hundreds of cybersecurity certifications issued by a wide range of organizations, including educational institutions like Fairfax University, vendors like N2K, and industry associations like the International Information Systems Security certification consortium, or ISC2, each focusing on a particular area of cybersecurity, like Cybersecurity Best Practices or sysprep for Certified Information System Security Professional Certification or HCISPP Prep for Healthcare Information Security and Privacy Professional Certification and Six Sigma Expertise. The nonprofit ICS Squared began issuing the very first cybersecurity certification, the CISSP, in 1994. But many certifications have an expiration date or require the holder to earn continuing Professional education credits or CPE credits. The cissp, for example, as of this broadcast, requires applicants to pay a $749 fee to take the exam, as well as an annual $125 maintenance fee. The certification is valid for three years, by which point the CISSP holder must have submitted 120E CPE credits or retake the exam. While certifications can be useful benchmarks for potential employers, as well as providing constructive education for certificate seekers, there's been some criticism in the industry surrounding these certifications, Joanna burkey, CISO at HP, told InfoSecurity magazine last year, especially when cyber was a new domain, but certs were often used to reflect a degree of knowledge in this emergent space, which was useful. However, infosec certs have become somewhat diluted over the years and are used too often as a checkbox way to pre qualify candidates. This expected by default mentality can be exclusionary to people without certs who may actually be the better candidate. Nerd reference in 2022 on the YouTube channel called Clips. David Bombel and Corey Ball discuss whether or not certifications are worth the effort and price so Corey, tell me, certifications,
C
are they important in cybersecurity?
A
Give us your take on certifications.
C
Yeah, so I have a handful of certifications and to list them all out might be annoying. Obviously as someone that's partook in them, I would say, yeah, they do hold a lot of value. If you're trying to break into cybersecurity. They are one of the greatest helpers to do that. You have some knowledge and you can develop that into something more. And certs help a lot with that. So getting your foot in the door for interviews, Certs provide a lot of value there. And as long as you're going through your studying the material, you're getting your hands on the keyboard, you're testing out labs, you're building that experience. Then if the cert is the thing that drives you to do that, then that's a great way to build that experience.
A
Wordnotes is written by Tim Nodar, executive produced by Peter Kilpe, and edited by John Petrick and me, Rick Howard. The mixed sound, design and original music have all been crafted by the ridiculously talented Elliot Peltzman. Thanks for listening.
D
This episode is brought to you by Google Chrome. You think you know a browser, but Gemini and Chrome? That's new. It can help you with practically anything on the web, like restoring a vintage motorcycle from a 50 page restoration block. Or finally break down that long article you've had open for weeks. Gemini and Chrome is here for it, ready to make anything online make sense. There's no place like Chrome. Check responses set up required compatibility and availability various 18 plus.
Podcast: Hacking Humans by N2K Networks
Episode Date: June 30, 2026
Theme: Deception, influence, and social engineering in the world of cybersecurity; this episode dissects the term "certification", exploring its definition, context, value, and controversy within the industry.
This Word Notes installment unpacks “certification” in cybersecurity—what the term means, how certifications are issued, their intended value for professionals and employers, and the ongoing debate about their real-world relevance.
Advantages of Certifications:
Criticisms Highlighted:
"...infosec certs have become somewhat diluted over the years and are used too often as a checkbox way to pre-qualify candidates. This expected by default mentality can be exclusionary to people without certs who may actually be the better candidate." [03:26]
“If the cert is the thing that drives you to do that, then that's a great way to build that experience.” – Corey Ball [04:33]
Definition [00:52]:
“Certification, a credential demonstrating an individual's knowledge in the field of cybersecurity, usually obtained by passing an exam or series of exams.”
Historical perspective [01:54]:
"The nonprofit ISC2 began issuing the very first cybersecurity certification, the CISSP, in 1994."
Criticism of the certification mindset [03:26]:
"...certs have become somewhat diluted over the years and are used too often as a checkbox way to pre qualify candidates... can be exclusionary to people without certs who may actually be the better candidate." – Joanna Burkey, HP CISO
Practical advice from the field [04:33]:
“As long as you're studying the material, getting your hands on the keyboard, testing out labs, you're building that experience. If the cert is the thing that drives you to do that, then that's a great way to build that experience.” – Corey Ball
This episode offers a concise but nuanced exploration of certifications, offering both official definitions and insight from practitioners and critics. Essential listening for anyone contemplating a cybersecurity career or hiring in the space.