
Jarocki, S., & Kettani, H. (2019). Examining the efficacy of commercial cybersecurity certifications for information security analysts.

Proceedings of the International Conference on Information Systems Engineering (ICISE 2019), Shanghai, China, 1-5. Piscataway, NJ: IEEE.
https://doi.org/10.1109/ICISE.2019.00008

Examining the Efficacy of Commercial Cyber Security Certifications for Information Security Analysts

Samuel Jarocki and Houssain Kettani


The Beacom College of Computer & Cyber Sciences
Dakota State University, Madison, South Dakota, USA

Abstract—Numerous cyber security certifications are available both commercially and via institutes of higher learning. Hiring managers, recruiters and personnel responsible, and logically accountable are expected to make information backed, concrete, and sound, practical decisions when selecting personnel to fill positions. The role of an incident responder or security analyst requires near real-time decision making, pervasive knowledge of the environments they are tasked with protecting and functional situational awareness. Based on available statistics and hiring practices, can current commercial certifications offered in the cybersecurity realm, particularly that of incident response, provide effective indicators for a viable candidate? In this paper, we address this question and support our analysis with statistical data.

Keywords-certifications; component; cyber threat; defense; hiring; incident response; prevention; security analysts.

I. INTRODUCTION

The purpose of this paper is to examine the effectiveness of an assortment of certification offerings available to individuals starting out in the incident response domain. There exists a myriad of courses available in multiple formats consisting of classroom, e-Learning, interactive and combinations thereof. It is the intent of this paper to research what constitutes an effective knowledge garnered from certification completion that is recognized and able to support selection of certificate holding individual for hiring purposes relevant in the field of completion. Supporting data surrounding certification contributions in performing an incident responder's role will also be examined.

The canvas for what constitutes an Incident Responder (IR) would differ wildly depending on a variety of factors. Incident Response (IR) may involve processes, procedures and technologies belonging to one organization, that may be completely delegated to multiple business units in a different company. One organization may have a system administrator performing all duties typically related to the incident responder, such as that of a small business, while another may have a dedicated IR team composed of multiple cells of information security analysts, reverse engineers and infrastructure support. As noted in [29], an IR should be able to perform real-time Computer Network Defense (CND) incident handling tasks such as forensic collections, intrusion correlation and tracking, threat analysis and direct system remediation [29]. Well trained IRs would also be able to curtail cyber threats including identity theft, information leakage and cyber espionage, by being able to correctly recognize and thwart attacks of the human element [14].

While there may be hundreds of information security certifications, not all are specific to the IR skillset [21]. Beginning in 2010, the National Initiative for Cybersecurity Education (NICE) created a framework to describe and evaluate government personnel working in cybersecurity. By 2017, with contributions from academia, commercial entities, focus groups and experts in their respective fields, a second version of the NICE Framework was published as National Institute of Standards and Technology's (NIST) Special Publication 800-181 [29], which clearly defines the expectations of Knowledge, Skills and Abilities (KSAs) concerning trained IR personnel.

While the NICE framework does provide a detailed level of KSAs required to be an effective member of an IR team, it should be noted that Digital Forensics has its own Specialty Area within the NICE Framework and contains separate responsibilities, certifications, and career paths [39]. Additional familiarity with the strategies, best practices, typical procedures and collaboration techniques including document creation would also be necessary in handling events to defend complex information technology infrastructures [25]. A detailed set of recommendations is clearly documented by NIST's Computer Security Incident Handling Guide [10]. Additional requirements by the United States' Department of Defense (DoD) 8570.01M Information Assurance (IA) Workforce Improvement Program defines a Computer Network Defense Incident Responder (CND-IR) as one who investigates and analyzes all response activities related to cyber incidents [13]. While the NICE framework does not specifically declare which certifications meet criteria for an IR role, Information Assurance Technical (IAT) Level I list A+, Network+, CCNA Security or System Security Certified Practitioner (SSCP) as required to meet qualifications for a CND-IR [32].

The idea that cyber related professional certifications create a false sense of security as indicated in [15], contradicts the combined efforts to clearly articulate requirements needed for a cyber skill as converted in NICE framework and furthermore embraced by some researchers as a viable means to maintaining curriculum within Institutes of Higher Learning (IHL) [26]. Current research exists to evaluate IT related certifications in general and not specifically IR, to identify which components of an organization consider certificates obtained by a candidate practical [8], including a framework developed to specifically assist in hiring decisions of this nature [24].
An initial list of viable certifications pertinent to incident response, either specifically addressing in their literature [35] or containing elements touted by commercial elements [12] as recommendations for breaking into the IR job field:
• Certified Computer Examiner (CCE),
• Certified Ethical Hacker (CEH),
• GIAC Certified Forensic Examiner (GCFE),
• GIAC Certified Forensic Analyst (GCFA),
• GIAC Certified Incident Handler (GCIH),
• GIAC Certified Intrusion Analyst (GCIA),
• Certified Computer Forensics Examiner (CCFE),
• Certified Penetration Tester (CPT) and
• Certified Reverse Engineering Analyst (CREA).

In addition to above, the following certifications also meet criterion within the IR realm:
• GIAC Reverse Engineering Malware (GREM) [16]
• CCNA Cyber Ops [11] (formerly SCYBER) or CCNA-Security
• A+ or Network+ and System Security Certified Practitioner (SSCP) [13].

According to (ISC)² [1], which is one of the commercial certification vendors of SSCP, the top security certifications cybersecurity professionals plan to pursue in 2019 are in this order:
• Certified Information Systems Security Professional (CISSP),
• Certified Cloud Security Professional (CCSP),
• CISSP with Concentration:
  o Information Systems Security Architecture Professional (ISSAP),
  o Information Systems Security Engineering Professional (ISSEP), or
  o Information Systems Security Management Professional (ISSMP).
• Certified Secure Software Lifecycle Professional (CSSLP),
• Systems Security Certified Practitioner (SSCP),
• Cisco Certified Network Associate (CCNA) Security,
• Cisco Certified Network Associate (CCNA) Cyber Ops,
• Cisco Certified Network Professional (CCNP) Security,
• Certified Ethical Hacker (CEH),
• Cisco Cyber Security Specialist Program (SCYBER),
• Certified Information Security Manager (CISM),
• Certified Internet Webmaster (CIW) Security Analyst, and
• CompTIA Security+

A qualitative approach for this paper will involve reviewing practical relevance of IR specific duties and the need for qualified personnel in the IR domain, review of current perceptions on certification effectiveness in the workforce and finally the use of certification in decisions when hiring personnel. Lastly, an examination of capabilities and overall utilization of resources to meet operational objectives, as practiced in lateral disciplines of fields outside of cyber security such as that of emergency response management [9].

II. NECESSITY FOR QUALIFIED INCIDENT RESPONDERS

Data breaches, cyber-crime and identity-fraud, to name a few incident centric examples, have markedly increased over time. From as early as 2011, data breaches had increased more than 60% from one year to the next [17]. Even within the federal government, many agencies failed to effectively respond to cyber incidents and cited inadequately qualified personnel and training as reasons for failures [38].

With consideration of the larger, more encompassing field of information security and analytics, there is an estimated 1.5 million qualified cyber security jobs that may be needed by 2020 [36]. The outlook for information security analysts, of which IRs are included, is expected to grow by 28% between 2016-2026, which is significantly larger than that of other occupations [7].

Another facet of this response arena when evaluating need for first responders is that of Information Assurance (IA), particularly in the role of protecting critical infrastructure as defined in the National Incident Response Plan (NIRP) [30], which represents a culmination of response and policy regarding protection of an organization's infrastructure. Multiple frameworks exist in the IA discipline, which closely relate to the procedural elements followed for incident response and prevention.

Increased security breaches year after year, multiple facets of information security requirements, and potential growth and trends in the IR service market put an ever-increasing burden on hiring qualified and capable personnel to provide commensurate response services to fulfill these needs [7, 34].

III. CERTIFICATION

What constitutes required knowledge, skills and abilities thus far has been defined within an incident responder's role. The efficacy of related certifications within this paper will involve multiple sections. To properly scope the specificity of commercial cyber certifications in an IR role, limitations will state which facets will not be examined. The maturation of the certification process will be reviewed in order to understand how factors such as technology and regulation require the process to keep pace. Lastly, we discuss the perceived value and effectiveness of certification.

A. Limitations

Analysis of overarching cyber security realm certifications is central to most related studies in the cyber security field. The myriad of sub-domains within cyber and information security, notably that of information security analysis, of which incident response falls within, is limited in scope and discussed in the future works section.

Timeframes of typical certification courses range from days to weeks of actual in-person instruction if that option is available or offered. Alternate, or even included with live
instruction, are oftentimes a fusion of technologies ranging from online reading, interactive labs, exercises, challenges, forums, test and quiz banks, and one-on-one or group communications to foster learning, inquisitiveness, walk-throughs, examples and answers.

Benefits of formal education in comparison to that of certification, and whether the latter is perceived as required for employment is outside the scope of this paper, but more details can be found in [28]. Considering the problem statement of whether field specific certifications are an effective instrument to gauge favorable candidacy, requisite certification holding presumes the question is already answered from the employer perspective.

B. Certification Maturity

From as early as 1989, Information Technology (IT) certifications have been implemented to introduce, reinforce and assess individuals and groups from countries across the world [2]. To keep pace with ever-evolving technologies and threats, the commercial and government entities must adjust their curriculum and certification criteria respectively [33]. Commercial vendors meet requirements defined for each iteration of the NIST framework [30], along with the requirements specified in DoD 8570.01M and its predecessor, DoD 8140.01, used to further unify policy, to keep pace with the changes in policies, audits, technologies and requirements [5, 13, 32].

C. Value and Effectiveness

For those respondents that had a declared role in observing, hiring or selecting an employee or current colleague that has obtained an IR related certification, the ultimate question was whether they felt the certification was valuable. Ancillary results based on whether a hands-on or practical approach is considered more effective was not available for dissemination. Questions for those claiming to have knowledge of certifications, were asked to input their perceived level of difficulty and benefit, as well as whether a certified candidate was preferred.

Between vendor-specific, and vendor-neutral certifications, the former is valuable while the latter is preferred [31]. Highly specific, vendor centric training from the certificate earner would logically isolate the achievement to a myopic system or process, reducing the perceived value to potential employers that do not utilize the explicit vendor. The study in [31] also found contradicting responses such that the certification process was an incumbrance, while still being a reliable foundation for relevance in the field. In another 2002 study concerning perception of commercial credentials in IT field, the findings are quite illuminating, which found a strong correlation between IT certification holders and ease of recruitment in terms of time efficiency and lowered the cost of recruiting [3]. Another informative survey conducted in 2016 [6], found an average of 78% required or desired knowledge in professional certifications.

To be an effective certification for the defender, responder or analyst and be able to determine the best course of action against an intruder or adversary, practical components for successful certification awarding are necessary [33]. However, that is not to say real benefits are not perceived by certificate holders. Unsurprisingly, a 2017 study rates the following assessment methods' overall effectiveness, from high to low: virtual labs, oral exams, employment history and qualification review, narrated paper-based exams and finally multiple-choice paper-based exams [27].

During premier cyber exercises, notably CyberShield, reduced Time-To-Detect (TTD) was seen for those possessing Security+, and for those with A+ and Network+ certifications a decrease was not observed on TTD, instead their Time-To-End (TTE) was reduced [22]. The TTE being that time at which an event is detected, acted upon and resolved. Possibly from deficiency in clean monitoring data or overly cautious respondents, the data of the survey in [22] opposes at times what would seem logical; better performance should be gained by having, in this situation, Security+ certifications, but that was not always the case. Additionally, the participants thought comprehending their job was more advantageous than information security certifications. These contradictory results are an example of the difficulty in assessing current studies in the IR field.

IV. HIRING ASPECT

Target audience are individuals involved with the hiring and observation of employees and candidates that participate in a certification endeavor. Current research detailing cyber security, of which an incident responder or analyst is included, can be discerned from studies in hiring frameworks specific to decisions on whether candidates holding skill related accreditation is accounted for while offering employment [24]. Vendor-specific vs vendor-neutral certification may play a role not just in the initial hiring of a potential responder, but also whether that individual has potential for promotability [18], and because the talent pool is deficient, selection of candidates possessing one or more certifications may very well be a deciding factor [32].

There are several frameworks that can be leveraged in the hands of a hiring manager or recruiter. While some are generalized, others are more detailed for the sector in which an organization is seeking qualified personnel. Moreover, with the tremendous outlook for IT and security related jobs a detailed framework or methodology for filtering potential hires can narrow choices and reduce technological competencies for recruiters that must span across multiple fields [7]. Human capital in all that entails, such as the essence of an individual's knowledge, experience, skills, etc. that make of an overall trait characteristic is one aspect that can be applied to pairing an individual in a specific role [20].

Conflicting results are offered from one paper to the next by respondents to research surveys. In [23], it is noted that C-level associates would hire inexperienced people with a certification, while others required certifications to even be considered; and even amongst managers, some believed certifications were nothing but the ability to pass a test.

Early findings from 2002 show that human resources perceived traditional four-year degree holders as ideal, but
recognized IT-centric certifications as assistive in decision making for candidate selection, and as a cost saving for the employer [3]. Even though amongst industry professionals in information technology at least, the holding of a certification does not correlate with aptitude, nor should be utilized for hiring [8], although the practice continues [4].

V. CONCLUSION

While specific data and corresponding works are limited regarding the incident response field, some connections can be drawn based on the literature that is available. Overall, commercial incident response cyber security certification research is limited in determining efficacy in selecting a practical candidate since responses conflict between the hiring manager and the security professional [37].

It may be concluded there is a supposed worth in obtaining a certification, though there lacks concrete data to support an incident response specific field for certification for all fundamentals needed to perform job functions, barring other elements, such as experience and on-the-job training. The IT domain is vast, and individuals' components and fields within IT intersect each other, including skillsets, expertise and practical knowledge to support multiple roles. Incident response is unique in that the hands-on, analytical and situational awareness is required to excel in the position. Also, because response itself is inherently a reactive process, based on adversarial actions and intent, there exists a real challenge for the modern IR practitioner to learn needed techniques, tactics and procedures in a certification process alone, since they're constantly evolving with the cyber terrain, potential vulnerabilities and exploit vectors.

Additional conclusions may be drawn within a singular field like that of IR by a longitudinal study to isolate the parameters that constitute an effective certification for the field [19]. Determining the ideal permutation of experience(s), certification(s) and formal education that establishes a concrete incident responder from the human capital perspective could add concrete evidence to support or repudiate the certification efficacy question [15].

VI. FUTURE WORKS

Incident responders' roles exist across a multitude of disciplines, such as fire control, law enforcement, hazardous materials handling, emergency management and medicine. The commonality between cyber IR and other variations of IR in response management involves leveraging all available resources to meet the objectives [9]. By harnessing capabilities, an IR team can achieve functional competency and maximize an effective and satisfactory response [9].

Further information in IR can be extrapolated by determining whether the many facets of knowledge, skills and abilities coupled with the high-level tasks defined in the NICE Framework have bearing on candidate hiring, retention and performance [29]. This information may be obtained by utilizing a considerably more involved questionnaire, performance evaluations, testing, and quizzes, along with candidate and respective observer interviews. Further consideration can be given to certifications offered by IHL, and how they may re-enforce or sway hiring managers' opinions when coupled, or in lieu of commercial certifications.

REFERENCES

[1] (ISC)². (2018). Cybersecurity Professionals Focus on Developing New Skills as Workforce Gap Widens. Cybersecurity Workforce Study. https://www.isc2.org/-/media/7CC1598DE430469195F81017658B15D0.ashx
[2] Adelman, C. (2000). A parallel postsecondary universe: The certification system in information technology (Report No. ED445246). Washington, DC: Educational Resources Information Center (ERIC). https://eric.ed.gov/?id=ED445246
[3] Bartlett, K.R. (2002). The perceived influence of industry-sponsored credentials in the information technology industry (Report No. ED465072). Washington, DC: Educational Resources Information Center (ERIC). https://files.eric.ed.gov/fulltext/ED465072.pdf
[4] Bartlett, K.R., Horwitz, S.K., Ipe, M., & Liu, Y. (2005). The perceived influence of industry-sponsored credentials on the recruitment process in the information technology industry: Employer and employee perspectives. Journal of Career and Technical Education, 21(2), 51-65. https://ejournals.lib.vt.edu/JCTE/article/view/661/965
[5] Bates, J.D. (2017). Ways to improve DoD 8570 IT security certification (Report No. ED580717). Washington, DC: Educational Resources Information Center (ERIC). https://eric.ed.gov/?id=ED580717
[6] Benslimane, Y., Yang, Z., & Bahli, B. (2016). Information security between standards, certifications and technologies: An empirical study. Proceedings of the International Conference on Information Science and Security (ICISS), Pattaya, Thailand, 1-5. Piscataway, NJ: IEEE. https://doi.org/10.1109/ICISSEC.2016.7885859
[7] Bureau of Labor Statistics. (2018, April 13). Occupational outlook handbook: Computer and information technology, information security analysts. Bureau of Labor Statistics (BLS). https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm
[8] Cegielski, C.G. (2004). Who values technology certification? Communications of the ACM, 47, 103-105. https://doi.org/10.1145/1022594.1022627
[9] Chen, R., & Sharma, S.K. (2012). Organizational capabilities in emergency incident response: An empirical examination. Proceedings of the 7th Annual Midwest Association for Information (MWAIS). Green Bay, WI. Atlanta, GA: Association for Information Systems (AIS). http://aisel.aisnet.org/mwais2012/8
[10] Cichonski, P., Millar, T., Grance, T., & Scarfone, K. (2012). Special Publication 800-61 Revision 2: Computer security incident handling guide - Recommendations of the National Institute of Standards and Technology. Gaithersburg, MD: National Institute of Standards and Technology (NIST). https://doi.org/10.6028/NIST.SP.800-61r2
[11] Cisco. (2018). CCNA Cyber Ops. https://www.cisco.com/c/en/us/training-events/training-certifications/certifications/associate/ccna-cyber-ops.html
[12] Cyber Security Education. (2018). How to become an incident responder. Cyber Security Education. https://www.cybersecurityeducation.org/careers/incident-responder/
[13] US Department of Defense (DoD). (2015). Information Assurance Workforce Improvement Program (Report No. DoD 8570.01-M). Washington, DC: DoD. https://iase.disa.mil/iawip/pages/index.aspx
[14] European Union Agency for Network and Information Security (ENISA). (2018). ENISA threat landscape report 2017: 15 top cyber-threats and trends. Heraklion: ENISA. https://doi.org/10.2824/967192
[15] Evans, K., & Reeder, F. (2010). A human capital crisis in cybersecurity: Technical proficiency matters. Washington, DC: Center for Strategic and International Studies (CSIS).
[16] GIAC Certifications. (2018). Forensic certification: GIAC Reverse Engineering Malware (GREM). GIAC Certifications. https://www.giac.org/certification/reverse-engineering-malware-grem
[17] Ginovsky, J. (2012). Cyber attacks are soaring. How to thwart them. Banking Exchange. http://www.bankingexchange.com/news-feed/item/3779-cyber-attacks-are-soaring-how-to-thwart-them
[18] Gleghorn, G.D., & Gordon, J. (2012). A quantitative examination of perceived promotability of information security professionals with vendor-specific certifications versus vendor-neutral certifications (Report No. ED533882). Washington, DC: Educational Resources Information Center (ERIC). https://eric.ed.gov/?id=ED533882
[19] Goldblatt, J. J. (1996). Certification and Event Management: A Qualitative and Quantitative Approach to Assessment (Doctoral dissertation, UMI No. 9634628). Ann Arbor, MI: UMI Company.
[20] Goldin, C. (2014). Human Capital. Handbook of Cliometrics, 55–86. http://scholar.harvard.edu/files/goldin/files/human_capital_handbook_of_cliometrics_0.pdf
[21] Grover, M., Reinicke, B., & Cummings, J. (2016). How secure is education in information technology? A method for evaluating security education in IT. Information System Education Journal, 14(3), 29–44. http://isedj.org/2016-14/
[22] Henshel, D. S., Deckard, G. M., Lufkin, B., Buchler, N., Hoffman, B., Rajivan, P., & Collman, S. (2016). Predicting proficiency in cyber defense team exercises. Proceedings of the 2016 IEEE Military Communications Conference (MILCOM 2016), Baltimore, MD, 776-781. Piscataway, NJ: IEEE. https://doi.org/10.1109/MILCOM.2016.7795423
[23] Hunsinger, D.S., & Smith, M.A. (2005). Predicting hiring managers’ intentions to use I.T. certification in the selection process. Journal of Information Technology Management, XVI(4), 1-18. http://jitm.ubalt.edu/XVI-4/article1.pdf
[24] Hunsinger, D.S., Smith, M.A., & Winter, S.J. (2010). A framework of the use of certifications by hiring personnel in it hiring decisions. ACM SIGMIS Database: The DATABASE for Advances in Information Systems, 42(1), 9–28. https://doi.org/10.1145/1952712.1952714
[25] Killcrece, G., Kossakowski, K.P., Ruefle, R., & Zajicek, M. (2003). State of the Practice of Computer Security Incident Response Teams (CSIRTs) (Report No. CMU/SEI-2003-TR-001). Pittsburgh, PA: Software Engineering Institute.
[26] Knapp, K. J., Maurer, C., & Plachkinova, M. (2017). Maintaining a cybersecurity curriculum: Professional certifications as valuable guidance. Journal of Information Systems Education, 28(2), 101–114. http://jise.org/Volume28/n2/JISEv28n2p101.html
[27] Knowles, W., Such, J. M., Gouglidis, A., Misra, G., & Rashid, A. (2017). All that glitters is not gold: on the effectiveness of cyber security qualifications. IEEE Computer, 50(12), 60-71. https://doi.org/10.1109/MC.2017.4451226
[28] Lasheen, M.A. (2015). Technical certifications in information technology as compared to traditional academic credentials: Impact on earnings and employability. Order No. 10102661. Northcentral University, Ann Arbor: ProQuest.
[29] Newhouse, W., Keith, S., Scribner, B., & Witte, G. (2017). NIST Special Publication 800-181 National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. Gaithersburg, MD: National Institute of Standards and Technology (NIST). https://doi.org/10.6028/NIST.SP.800-181
[30] National Institute of Standards and Technology. (2014). Framework for improving critical infrastructure cybersecurity. https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-021214.pdf
[31] Pierce, S. R. (2009). Information technology certifier perspectives on areas affecting certification assessments: A phenomenological study (Report No. ED515571). Washington, DC: Educational Resources Information Center (ERIC). https://eric.ed.gov/?id=ED515571
[32] Poe, L.R. (2018). The Development of Information Assurance and Cybersecurity Competency Lists (Master’s Dissertations No. AAI10808410). West Lafayette, IN: Purdue University. https://docs.lib.purdue.edu/dissertations/AAI10808410/
[33] Reid, D.A. (2012). Cyber sentries: Preparing defenders to win in a contested domain (Accession No. ADA561779). Fort Belvoir, VA: Defense Technical Information Center (DTIC). https://apps.dtic.mil/docs/citations/ADA561779
[34] ResearchAndMarkets.com. (2018). Global incident response service market 2018-2023: Increasing incidences of security breaches is driving growth. Business Wire. https://www.businesswire.com/news/home/20180816005586/en/Global-Incident-Response-Service-Market-2018-2023-Increasing
[35] SANS Institute. (2018). Interactive NICE framework mapping. SANS Institute. https://www.sans.org/courses/niceframework/
[36] Sarkar, D. (2015, May 14). US government gets low cybersecurity marks from own federal employees, (ISC)² survey says. FierceGovernmentIT.
[37] Wierschem, D., Zhang, G., & Johnston, C.R. (2010). Information technology certification value: An initial response from employers. Journal of International Technology and Information Management, 19(4), 89.
[38] Wilshusen, G.C. (2014). Information security: Agencies need to improve cyber incident response practices (Report No. GAO-14-354). Washington, DC: United States Government Accountability Office (GAO). https://www.gao.gov/products/GAO-14-354
[39] Yasinsac, A., Erbacher, R.F., Marks, D.G., Pollitt, M.M., & Sommer, P.M. (2003). Computer forensics education. IEEE Security and Privacy, 1(4), 15–23. https://doi.org/10.1109/MSECP.2003.1219052
