SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
CompTIA overhauls its security certification exam in response to new threats
Wed, 29th Apr 2020
FYI, this story is more than a year old

CompTIA has today announced a major update to its Cybersecurity Analyst (CySA+) certification exam, changing several criteria to become certified.

The new exam applies behavioural analytics to the cybersecurity market and emphasises the significance of a security professional's ability to proactively defend and continuously improve the overall state of organisational security.

“Cybersecurity professionals must expand their vigilance and preparation for incidents and threats that are happening beyond the confines of the security operations centre,” says CompTIA director of product management Patrick Lane.

“The new exam addresses changes in the cybersecurity environment, as well as the need for security analysts to be more proactive with their defence and threat intelligence.

“CompTIA CySA+ also addresses tasks related to IT regulatory standards because analysts have a vital role in helping their employers comply to and maintain regulatory compliance to avoid fines and vulnerabilities.

IT professionals who want to become CompTIA certified must demonstrate they have the knowledge and skills to:
  • Leverage intelligence and threat detection techniques
  • Analyse and interpret data
  • Identify and address vulnerabilities
  • Suggest preventative measures
  • Effectively respond to and recover from incidents.

“The exam also stresses software security because of the rapid growth of risks in the development of applications and software,” says Lane.

“There is also increased emphasis on embedded IoT devices, cloud security environments and automation.

The certification is relevant to a variety of job roles, including security analysts, vulnerability analysts, threat intelligence analysts, application security analysts, threat hunters, incident response handlers, and others.

The exam was first introduced in 2017, where it emphasised the ability to capture, monitor and respond to network traffic findings.

CompTIA's announcement today comes only two weeks after the company revealed its intention to bring its testing and scheduling online as much of the world isolated in response to COVID-19.

The company partnered with Pearson VUE, a computer-based testing specialist, ensuring its exams could be taken online on the Pearson VUE OnVUE online proctoring solution.

CompTIA says the move allows users to schedule their exam times according to their own preferences.

The company has indeed been busy in April, with another announcement at the beginning of the month that it had created an interactive online forum dedicated to serving technology firms and workers during the COVID-19 pandemic.

The COVID-19 Resources Forum allows users to share information, resources, and best practices related to how they are managing their businesses amidst the worldwide impacts of the virus.

“Our members and the technology industry are doing incredible work in communities around the world and we want to make sure they have a platform to share best practices, success stories and valuable resources,” says CompTIA executive vice president for industry relations, Nancy Hammervik.

“The technology industry has stepped up and answered the call on so many levels and we want to empower professionals and companies to continue to serve their customers and the public.