Cybersecurity, Certification, and the Credit Union


“Every day millions of people’s privacy and security are threatened by sophisticated fraudsters and rogue-state actors. A lack of regulatory standards and accountability leaves all of us vulnerable. Regulators are focused on ensuring that the financial services industry is prepared for cyberattacks. These ever-changing threats—and requirements to respond to them—impact all credit unions.” – CUNA

As our digital world continues to change, the need to stay prepared for the unplanned and unexpected increases. In a world of 1s and 0s, threats to any organization’s continuity have evolved, and regulators want to know that they are preparing. One of the best ways to be prepared for such events is to have employees trained and certified in cybersecurity.

What is Certified in Cybersecurity?

In August of 2022, (ISC)2, the world’s largest association of cybersecurity professionals, released a new initiative to seek participants for “One Million Certified in Cybersecurity.”  This initiative created a way for IT professionals to become (ISC)2 candidates and complete an absolutely free certification in cybersecurity. Interested? So was I!

After hearing about the initiative, I began the Certified in Cybersecurity self-paced study course. Included in the course are pre- and post-assessment testing, chapter quizzes, definitions, podcasts, videos, and real examples of cybersecurity issues. As a candidate, I could even get access to training professionals to help me learn what the course has to offer. The self-paced course even reminded me it was still there, emailing me when I forgot about it for just over ten days – (ISC)2 truly wants its candidates to succeed.

In the Certified in Cybersecurity course there are five main domains to study:

  • Security Principles
  • Business Continuity
  • Access Control Concepts
  • Network Security
  • and Security Operations

As I went through the course, I saw each of the domains get broken down into their specifics. For example, logical, physical, and administrative controls are covered in the Access Control Concepts domain, and the Network Security domain covers content relating to the ports and protocols we use, among other things.

Once the course is complete, candidates need to complete an exam to obtain certification. When it comes time for the exam, candidates should note that it is an in-person exam, only available at Pearson Vue test centers. There are 100 questions, and a two-hour time limit. Participants receive a pass/fail result at the test center upon completion of the exam.

Why get Certified in Cybersecurity?

As an IT professional with a keen interest in the privacy and security of all data, getting certified seemed like the perfect opportunity to sharpen my skills. Having the awareness of what to do when a cybersecurity event happens better prepared me with the best practices to mitigate negative results.

Credit unions could look to benefit from one of their IT staff members having this certification too. The increased awareness of cybersecurity threats to the organization, and the increase in baseline knowledge of continuity and recovery could be an overall boon to any credit union’s resilience.

There is also the added benefit coworkers and clients receive indirectly from employees having such certifications. By earning this certificate, employees can protect their organizations, clients, and coworkers. Furthermore, certified employees increase their longevity with their organization, their professional value, and, believe it or not, their own productivity can increase due to being better prepared for daily challenges and how to tackle them.

As Jim Lawrence mentions in his article on resilience, “awareness precedes action, but it is understanding that precipitates action.” We can all be aware that something must be done, but having a proper understanding of the details will arguably provide the best results, and I’m certain that this kind of understanding will be attainable through Certified in Cybersecurity.

So don’t wait for someone else to square you or your credit union away. If you are thinking about joining the cybersecurity field or your organization’s cybersecurity could use some beefing up, this knowledge and certification are worth having.

What’s the bottom line?

There are a few costs to consider when going through with this certification. First, there is the (ISC)2 Annual Maintenance Fee (AMF) of $50 at this certification level. As well as the AMF, (ISC)2 members are expected to earn 45 CPE credits during the three-year cycle to maintain the certification. Optional costs for the course may include a $199 fee to get more than one attempt on the exam, and another higher priced option which includes a live instruction class, along with the self-paced materials. Each candidate’s needs may be different.

However, these costs are essentially nothing compared to the reassurance of knowing your credit union is protected and nothing compared to the losses you could incur if it is not.

Should you or your organization see the benefits of this certification, I invite you to join me among the ranks of professionals at (ISC)2 and earn your Certification in Cybersecurity.


Your email address will not be published. Required fields are marked *