With the ongoing threat of data breaches and cyberattacks in our increasingly connected world, organizations everywhere need professionals to protect their operations, data and critical assets. Yet talent to fill these vital roles is scarce.

Research shows the cybersecurity workforce needs an influx of 2.7 million professionals to meet global demand. And the urgency of that need shows no signs of slowing. Just in the U.S., the Bureau of Labor Statistics projects employment of information security professionals will grow 33% through 2030.

Near limitless job opportunities are wide open to problem-solvers with an analytical mindset.

How can you break into cybersecurity? Working cybersecurity professionals agree, certification is the most important way for career pursuers to enter the field. But with so many cybersecurity certifications out there, how do you choose the one that will help you break into the field and help lead you to long-term career success? Let's compare two entry-level options: ISC2 Certified in Cybersecurity℠ and CompTIA Security+.

What is the focus of each certification?

As the true entry point to career excellence, Certified in Cybersecurity (CC) proves to employers that you have the foundational and practical knowledge, skills and abilities necessary for a beginning role in cybersecurity. It demonstrates to employers that you understand fundamental security principles and operations, risk management, network security and access controls, and how they relate to an organization’s operations. With CC, they’re reassured you have the skills to meet and exceed performance standards in a beginning or junior-level role.

Security+ certification validates the baseline skills required for basic security functions and a career in IT security.

What level of professional experience is required?

There are no specific prerequisites to take either certification exam.

For Certified in Cybersecurity, no work experience in cybersecurity or formal education is required. The certification is recommended for IT professionals, career changers, college students and recent graduates.

For Security+, at least two years of IT administration experience with a security focus are recommended, and candidates are advised to earn the CompTIA Network+ certification first.

What distinguishes Certified in Cybersecurity from Security+?

Certified in Cybersecurity starts newcomers on their path to advanced cybersecurity certifications and future leadership roles. It introduces candidates to the field within the world’s most recognized portfolio of information security credentials. You’ll start your professional journey on track toward earning world-class ISC2 expert-level certifications, including the CISSP, the global gold standard and most-required security credential by hiring managers searching for candidates on LinkedIn.

In addition, upon certification, you’ll become a member of ISC2, cybersecurity’s leading professional organization, gaining you access to these key benefits and more:

  • Community of professionals – You’ll be part of a network of more than 365,000 cybersecurity experts around the world.
  • Job offers and advancement – You’ll demonstrate the solid foundation of cybersecurity knowledge employers are looking for, from an association they trust.
  • Ongoing professional development – You’ll advance in your career path with the most current continuing education and other exclusive ISC2 learning opportunities. Save with discounts on training, industry events, webinars, publications and more.

What content are candidates tested on?

The Certified in Cybersecurity exam covers the following domains and topics:

  1. Security Principles (26%) - Understand the security concepts of information assurance, the risk management process, security controls, the ISC2 Code of Ethics and governance processes.
  2. Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts (10%) – Understand business continuity (BC), disaster recovery (DR) and incident response.
  3. Access Controls Concepts (22%) - Understand physical access controls and logical access controls.
  4. Network Security (24%) - Understand computer networking, network threats and attacks and network security infrastructure.
  5. Security Operations (18%) - Understand data security, system hardening, best practice security policies and awareness training.

The Security+ exam covers the following domains and topics:

  1. Threats, Attacks and Vulnerabilities (21%) - Analyze indicators of compromise and determine types of malware or compare and contrast types of attacks.
  2. Technologies and Tools (22%) - Troubleshoot common security issues or deploy mobile devices securely.
  3. Architecture and Design (15%) - Summarize secure application development, deployment, cloud and virtualization concepts.
  4. Identity and Access Management (16%) - Implement identity and access management controls or differentiate common account management practices.
  5. Risk Management (14%) - Explain the importance of policies, plans and procedures related to organizational security.
  6. Cryptography and PKI (12%) - Compare and contrast basic concepts of cryptography or implement public key infrastructure.

Comparing the Exams


ISC2 Certified in Cybersecurity

CompTIA Security+

Length of Exam

120 minutes/100 multiple-choice questions

90 minutes/90 multiple-choice and performance-based questions max

Passing Score




U.S. $0 – Self-Paced Training + Exam
U.S. $199 – Self-Paced Training + Exam + Extras
U.S. $804 – Live Online Training + Exam + Extras

U.S. $392 – Exam Only
U.S. $565 – Exam + Study Guide
U.S. $720 - Exam + Study Guide + CertMaster Practice
U.S. $977 – Exam + CertMaster Learn and Labs
Click here for full details

Annual Maintenance Fee

U.S. $50

U.S. $50

CPE Credits Required

45 credits over 3 years

50 credits over 3 years

Testing Provider

Pearson VUE Testing Centers

Pearson VUE Testing Centers and Online Testing

What training is available from each certifying body?
Certified in Cybersecurity exam prep options include online instructor-led training, online self-paced training and classroom-based training. What makes the exam prep so unique from other entry-level trainings is the attainability of knowledge and skills for individuals with no technical background. For career changers, it provides business use-case scenarios that incorporate technical jargon to facilitate the application of cybersecurity technology to real-world business practices.

Security+ exam prep options include books, eLearning, labs and exam prep software as well as classroom instruction for organizations.

What is the ISC2 One Million Certified in Cybersecurity initiative?
As part of its commitment to help close the workforce gap, the new ISC2 global initiative, One Million Certified in Cybersecurity, is providing a path for more entrants into the field by offering free entry-level Certified in Cybersecurity Online Self-Paced Training and exams to the first million people.

To encourage diversity, equity and inclusion in the workforce, ISC2 will work closely with new and existing partner organizations as part of this program to reach populations underrepresented in cybersecurity. Half of the commitment – 500,000 course enrollments and exams – is pledged to this effort. Learn More

How ISC2 Certified in Cybersecurity Can Help You
Learn more about how ISC2 Certified in Cybersecurity opens the way to an exciting and rewarding career, enabling you to build confidence and enter your first role prepared for what's next.

Take the next step by downloading your copy of The Ultimate Guide to Certified in Cybersecurity: The Entry-Level Certification for Tomorrow's Cybersecurity Leaders.

Get Your Guide