This feature first appeared in the Spring 2021 issue of Certification Magazine. Click here to get your own print or digital copy.
Over the last two decades, the IT certification arena has been heavily influenced by the work of the Computing Technology Industry Association, popularly known as CompTIA. CompTIA is a long-term IT industry survivor and success story; the nonprofit organization has awarded more than two million professional IT credentials during its long tenure in the certification sphere.
Today, CompTIA's training and certification program offers a tidy baker's dozen of credentials. These thirteen certifications are split into four categories: Core, Infrastructure, Cybersecurity, and Additional Professional.
Some of the CompTIA credentials have only been around for a few years: CySA+ was launched in 2017, PenTest+ in 2018. Venerable certs like A+ and Network+, on the other hand, have been available for eons — at least by IT industry standards.
CompTIA's certification program is currently in good shape, anchored by some true warhorses among industry credentials, while also being flush with the bloom of some newer information security certs. But in the volatile and ever-changing information technology world, an important question to ask is: What will the future of CompTIA certifications look like?
Solid to the Core
CompTIA currently has four certifications in its Core category:
- IT Fundamentals
Let's take a look at each of these certifications and how they could — or should — evolve in the upcoming years.
IT Fundamentals (ITF+) is the entry point for anyone considering a career in the IT industry. The ITF+ training is a serving of Computing 101, made up of basic concepts, skills, and best practices. In essence, ITF+ also serves as a litmus test to help an individual determine whether they are a good match for working with technology beyond a user role.
The future of ITF+ is uncertain at best. There is more technology education being added to K-12 school curricula every year, and future graduates will be more tech savvy than previous generations. Also, a good portion of the ITF+ knowledge base can be learned on the job through corporate education portals hosted by vendors like LinkedIn Learning and SkillSoft.
These online classes also offer a form of user validation through digital badges or certificates, which can be linked to an online resume. If modern K-12 education and corporate training results in shrinking numbers of ITF+ candidates, expect this credential to fade out over the next few years.
I looked at the current status of the A+ certification in the Summer 2018 issue of Certification Magazine. Specifically, I called out CompTIA's continued requirement for two separate A+ exams to cover the desired objectives. I still believe the future of A+ is a single exam that has better curated content that excludes legacy items like antiquated operating systems and peripheral devices.
Also, given that much of today's computing equipment is designed to be inaccessible by anyone other than the vendors themselves, future iterations of A+ should place less emphasis on hardware configuration and repair.
A+ is CompTIA's flagship certification, with well over one million A+ holders worldwide. Its longevity and industry recognition is unparalleled, and it should continue to be popular through the next decade — although hopefully as a single-exam certification.
Network+ and Security+ are two sides of the same IT industry coin Network+ covers a full gamut of networking technology knowledge and skills up to an intermediate level, which positions it as a credential for talented computer network generalists who have some related work experience.
On the flip side of our figurative coin, Security+ offers an intermediate dive into the field of information security principles and skills. It is aptly described by CompTIA as 'the first security certification a candidate should earn.' That line of thinking applies, incidentally, to both aspiring security professionals and those taking aim at other sectors of IT.
Network+ and Security+ will continue to be relevant to a certain audience in the future — the question is more about who will make up that audience. There are more teenagers earning these two certifications than ever before, thanks to strategic partnerships CompTIA has with school districts across the United States that are offering CompTIA training to high school students.
If this trend continues, then we could see a future shift whereby employers will have higher expectations for the tech knowledge that young graduates bring to the table. Ultimately it's the state of both technology and the existing job candidate pool that determines what is 'intermediate' or 'entry-level' industry knowledge.
With the exception of the entry-level ITF+ credential, which will almost certainly be made obsolete by current and future generations of tech-savvy teens, CompTIA's Core certifications will prevail into the foreseeable future.
Building an Infrastructure
There are three certifications in CompTIA's Infrastructure category. They are:
Cloud+ can be classified as a branched specialization from Network+, a path that teaches network professionals the ins and outs of cloud computing infrastructure creation and maintenance. Significantly, Cloud+ is a vendor-neutral certification that doesn't focus on a single platform like Microsoft Azure or Amazon Web Services.
Cloud+ has earned two noteworthy accolades. First, it is compliant with ISO 17024, an international standard that applies to certification-issuing entities. Second, Cloud+ was approved by the U.S. Department of Defence as meeting the goals of directive 8570.01-m, which concerns the implementation and function of cybersecurity personnel within the DoD.
Cloud+ will be updated with new training material and a new exam in May 2021. This certification is clearly not going away in the foreseeable future, as cloud computing services continue to make up a huge portion of IT expenditures for all businesses, schools, and government organizations.
Linux+ started life as a collaboration with the Linux Professional Institute (LPI) which has its own set of Linux certifications under the LPIC brand. The webpage for Linux+ no longer mentions LPI, hinting that CompTIA has chosen to distance its Linux credential from the LPI program.
Linux+ is a vendor-neutral certification and isn't solely tied to a particular distro, unlike certifications from Red Hat, for example. By all accounts, there is still a strong demand for network administrators and programmers who have Linux knowledge and skills, which will maintain relevance for the Linux+ credential into the future.
Server+ is an older certification first launched in 2001. It is an odd mashup of subjects spanning the A+, Network+, and Security+ knowledge domains. Server+ exists as a generalist/specialist certification that covers a broad slate of subjects from a specialized category of computing hardware and software.
While Server+ may be somewhat redundant due to its crossover with other CompTIA certifications, the organization has shown no sign of discontinuing it. Server+ has been refreshed with new training material and exams in 2005, 2009, and 2015, and there is an upcoming refresh scheduled for May 2021. While Server+ is arguably an unnecessary designation, it still seems to be a popular one.
CompTIA's Infrastructure certifications are more specialized, tailored for a narrower audience of IT professionals. Cloud+ and Linux+ represent popular and relatively future-proof job roles in the industry, and should remain valid for quite some time. Server+ is more of a chimera that currently benefits from CompTIA's extended support, but could eventually be phased out of the certification program.
Elbowing in on Security (and Additional Professionals)
This brings us to CompTIA's Cybersecurity category, which consists of the following certifications:
- Cybersecurity Analyst (CySA+)
- Advanced Security Practitioner (CASP+)
CySA+ is aimed at intermediate security analysts who spend more time focusing on threat detection and identification. CASP+ is for hardcore IT security experts: the recommended experience is 10 years of system administration, with five of those years spent working in cybersecurity. PenTest+ is the most specialized of the three certifications, designed for security pros who perform penetration testing of networks and related information systems.
The IT industry is currently saturated with information security training programs. This isn't surprising given the premium placed on information security in today's connected world — but it has led to a crowded IT security certification marketplace. It's hard to tell the players apart without a scorecard ... or a helpful salary survey.
Like Security+, all of CompTIA's Cybersecurity certifications have been authorized by the U.S. Department of Defence, a very large and consistent employer of IT professionals. The question is, between the DoD and the private sector, is there enough industry adoption of these certifications for CompTIA to develop new, even more specialized infosec credentials?
Or perhaps there's a better question: Is there any industry value to adding more cybersecurity certification programs to an already saturated market? CompTIA consistently places an emphasis on its nonprofit, industry advocate role. It may want to consider this when planning the future of its Cybersecurity category of certifications.
Finally, there's CompTIA's mixed bag of 'other' certifications, the Additional Professional category. While it wouldn't be fair to call these credentials complete afterthoughts, they are clearly a lower priority for CompTIA. There are three certifications in the Additional Professional category:
- Certified Technical Trainer (CTT+)
- Cloud Essentials+
Project+ is the certification for people who don't want to go down the full Project Management Institute rabbit hole. The quip that Project+ is a 'PMP-lite' isn't totally wrong, nor is it totally dismissive of either credential.
Project+ fills a training niche that existed long before CompTIA bought the original certification collateral from the Gartner Group in 2001. Currently on its fourth iteration of revision, Project+ will likely stay or go depending solely on its popularity.
CTT+ has been a useful vendor-neutral alternative to other technical trainer certifications like Microsoft's MCT or Google's Certified Trainer. Similar to Project+, CompTIA purchased the collateral for CTT+ in 2001, this time from the Chauncey Group. Also like Project+, the future of the CTT+ certification will depend mostly on the number of candidates drawn to it based on the technical trainer job role and how much demand there is for it.
Cloud Essentials+ is essentially a more specialized version of the IT Fundamentals certification. It is aimed at IT beginners and non-IT business professionals who want a better understanding of cloud technologies and how they correlate to business operations.
Seeing as how this cert was launched in 2011 and then didn't receive a content refresh for eight years, it's fair to say that Cloud Essentials+ isn't a hot priority on CompTIA's docket. It shouldn't be a surprise to anyone if this certification is retired in the not-too-distant future.
CompTIA has proven it is an industry survivor and a major force in IT training and certification. Its current certification program is well-structured and — with some noted exceptions — highly relevant to the IT industry. The future of CompTIA certification looks bright, insofar that the IT industry itself remains strong as it moves further into the 2020s.