Where I live in Texas they don't really look at these. I showed them on my resume at the last job that had networking position. They just looked over me. They asked me if I had any experience and I felt stupid. I told them the truth that all I had was book knowledge and their body language said it all. Then they went with somebody else. I wish I can get the experience. I might have to not go into the IT field. I need funds coming in and no one here wants to give me that chance to gain experience.
Solid breakdown, very informative. I appreciate the approach AKYLADE is taking to providing focused certs with high industry demand: Resilience CSF, Risk RMF, and AI Security. Shout out to SimplyCyber!
Hi Omar! Thank you for your feedback. If you haven't already, be sure to check out the free objectives and practice exams for cyber resilience, cyber risk management and AI security. We have worked hard to ensure that the exam content is practical, affordable, and meets with the industry demand. Thank you to SimplyCyber and Steve McMichael for having Jason on as a guest ... and making him wince while eating mouthfuls of wasabi 😅
Jason's courses helped me to get few Certs. Every single word tht Jason just said abt the CS industry is a reality. Going through a pretty rough patch due to wht Jason referred to as "hiring gap"(issues with the HR) rather the skills gap, though wasted a lot of time in figuring out this silent reality but pretty sure will be able to overcome those issues and will get back on "new" track soon.
Hey thanks for sharing your experience. Certainly many others are feeling the same and the Simply Cyber community provides a strong support network. Sounds like you're on the right path and I wish you the best getting after your career goals.
I took Jason Dion's practice tests and none of what I studied was on the Security + test. So, I guessed about half of the test and passed it by two questions.
1) So in short, focusing on the (free, publicly funded, CISA ran) NICE framework for role based certifications is Akylades answer to the flawed certification industry? 2) Another thing that seems off is comparing these Akylade certs to other big name certs is pretty unfair. They have more recognition and many have way more depth in topics. 3) I've heard the certifications are planned to be tiered, would love to learn more -- maybe there's already a video about that? 4) How does Akylade make "hands-on practical certifications"? It's still multiple choice, right? Others like Sec+ at least have PBQ. Another important thing to note is you can read the NIST docs and list those keywords on the resume too.
Hi Chris! Good to see your comments again -- thank you for sharing your thoughts. Let me address each of your points to clarify our approach and philosophy: 1) Focusing on the NICE Framework: Yes, AKYLADE leverages the NICE Framework as a foundation for our certifications because it’s a robust, widely recognized structure that aligns job roles with required knowledge, skills, and abilities. However, our certifications go beyond simply adopting the NICE Framework. We work closely with hiring managers and subject matter experts to ensure the certifications reflect real-world job expectations, bridging the gap between theory and application. By emphasizing actionable skills tied to role-based needs, AKYLADE aims to address some of the industry’s key challenges, such as the disconnect between certifications and workplace demands.
2) Comparing AKYLADE to Big Name Certs: You're absolutely right-many established certifications have greater recognition and cover a broader range of topics. AKYLADE isn’t trying to replace those certifications but rather complement them by addressing specific skill gaps employers have identified. For instance, while certifications like Security+ provide foundational knowledge, AKYLADE focuses on practical application, ensuring candidates can perform tasks tied to frameworks like the NIST Cybersecurity Framework. Recognition takes time, and our goal is to grow by consistently delivering value through relevant and skills-driven certifications.
3) Tiered Certifications: Great question! Some of AKYLADE’s certifications are indeed structured to be tiered. Our foundational-level certifications (e.g., Cyber Resilience Foundation) focus on fundamental concepts, while practitioner-level certifications (e.g., Cyber Resilience Practitioner) dive deeper into application and problem-solving as they are designed more for team managers and leaders. This tiered approach helps candidates build their expertise progressively and ensures that each certification aligns with specific career milestones.
4) Hands-On Practical Certifications: This is a key differentiator for AKYLADE. While multiple-choice questions are part of the foundational-level exams (as required by ISO 17024), practitioner-level exams incorporate performance-based components, real world case studies, and simulations to test real-world skills. For example, candidates might be tasked with applying the NIST Cybersecurity Framework to assess risks or develop a mitigation strategy. We are currently working on a fully hands-on Nmap Security certification that utilizes virtual environments for testing which will be released in 2025. We’re continuously investing in technology to expand these capabilities and make our exams as interactive and practical as possible while remaining in compliance with ISO 17024 requirements.
5) Using NIST Docs and Keywords: Absolutely-reading the 32-page NIST Cybersecurity Framework documentation and including relevant keywords on your resume can demonstrate familiarity with the framework. However, employers often need more assurance than self-reported skills. A certification verifies that a candidate not only understands the framework but also knows how to apply it effectively. To complement this, "Mastering Cyber Resilience," the textbook aligned with AKYLADE's Cyber Resilience certifications, takes the NIST Cybersecurity Framework and expands it into actionable steps. This approach is based on insights from practitioners who have successfully implemented these steps in their daily work. The textbook provides practical guidance that bridges the gap between theoretical understanding and real-world application, giving candidates an edge in both certifications and professional practice. This combination of validated knowledge and actionable skills is where AKYLADE aims to deliver value, ensuring practitioners are prepared to meet the demands of the industry effectively.
This was very informative. I love the transparency between the both of you. I’ll definitely keep a look out for this as I already have enough to tackle on my plate. Studying for CySA & CC via ISC2
Love the concept behind this video! Jason Dion has been a huge help in me passing several certifications and it's interesting to hear his takes on the certification industry. Great work Mike!
How would "A/CCRP" compare with the "NIST Cybersecurity Framework 2.0 Lead Implementer" by CIS? I understand the CIS path is expensive, but would the hands-on opportunity be better or comparable? Thank you in advance, and all the best.
I've taken the CCRF course and can already tell it has nowhere near what that lead implementer has. Looks like it's more focused and content than both the CCRF and CCRP. I am curious to know more and a comparison would be great. The CCRF + CCRP is going to be $500 just for the exam soon anyways.
@GRCNerd - Thank you for these good questions! The CIS NIST Cybersecurity Framework Lead Implementer program focuses solely on entry-level implementation of the NIST CSF and is tied to its expensive training courses. Additionally, it is not an ISO 17024-approved certification, meaning it lacks the global accreditation standards that validate certifications independently of training. In contrast, the AKYLADE Certified Cyber Resilience Foundation (A/CCRF) is AKYLADE's entry-level certification, while the Certified Cyber Resilience Practitioner (A/CCRP) is an advanced practitioner-level certification. Both were developed by subject matter experts and practitioners in compliance with ISO 17024 standards for accredited certifications, ensuring the exams are rigorous, globally recognized, and independent of training. The A/CCRP not only validates deeper expertise in implementing the NIST CSF but also includes creating a comprehensive management action plan aligned with organizational objectives. Candidates have the flexibility to prepare independently or through Authorized Training Partners, who emphasize practical, real-world application. Key differences include: - Level: CIS is strictly entry-level, while A/CCRF and A/CCRP offer a clear progression from foundational to practitioner-level expertise. - Hands-On Learning: CIS claims to provide structured training with guided labs, but A/CCRP emphasizes flexibility and practical application, allowing candidates to customize their preparation and experience to match their professional goals. - Scope and Cost: CIS is limited to the NIST CSF and is expensive due to mandatory training. A/CCRP offers broader coverage of resilience practices and is more cost-effective, with optional training available through Authorized Training Partners. While input on certifications and training programs is valuable, it’s important to verify the credibility of opinions. Those who haven’t directly experienced both the A/CCRF and A/CCRP certifications or comparable programs may lack the perspective needed to accurately assess their rigor, content, and value. Always consider insights from individuals with firsthand experience.
@@CWhitlock95 If there are no other hidden costs, it appears the CIS "NIST Cybersecurity Framework 2.0 Lead Implementer" total amount is around USD 675.00 (application/membership fee + online/on-demand Self Study + Practice exam + Online exam). The live training is 2K+. I'm not sure if there will be any price hike in 2025.
So you're treating cyber/IT as a skilled trade. I have been trying to figure out why this wasn't the push from the beginning of my BS program. Academic Information you may have is not the same as knowledge or ability.
Lots of elements to a good career development plan. A solid academic foundation is certainly helpful, but yeah the idea is to add on or concentrate more on practical application.
Exactly! Treating cyber/IT as a skilled trade is spot on. The gap between academic knowledge and real-world ability is a huge issue in the industry. Certifications and degree programs often focus on theory, but employers need people who can hit the ground running with practical skills. That’s why the emphasis on hands-on experience and actionable knowledge is so important-it’s what sets true professionals apart and makes them valuable from day one. It’s refreshing to see this approach gaining traction now!
99% of people in their jobs weren't contributing value on day one. It just doesn't exist because the experience you gain outside the workplace doesn't equal the complexity while you're on the job. This is just the people making the hiring decisions losing sight of the fact that they were in the place that job seekers are in.
Fair point on the role hiring managers have in the same problem they complain about. I can’t link in the comments but there’s a good blog post on this topic by Daniel Miessler called Day-1 skills hiring managers are looking for.
Where I live in Texas they don't really look at these. I showed them on my resume at the last job that had networking position. They just looked over me. They asked me if I had any experience and I felt stupid. I told them the truth that all I had was book knowledge and their body language said it all. Then they went with somebody else. I wish I can get the experience. I might have to not go into the IT field. I need funds coming in and no one here wants to give me that chance to gain experience.
#TeamSC - very informative
Solid breakdown, very informative. I appreciate the approach AKYLADE is taking to providing focused certs with high industry demand: Resilience CSF, Risk RMF, and AI Security. Shout out to SimplyCyber!
Hi Omar! Thank you for your feedback. If you haven't already, be sure to check out the free objectives and practice exams for cyber resilience, cyber risk management and AI security. We have worked hard to ensure that the exam content is practical, affordable, and meets with the industry demand. Thank you to SimplyCyber and Steve McMichael for having Jason on as a guest ... and making him wince while eating mouthfuls of wasabi 😅
Jason Dion’s course was the one that helped me pass my security plus exam ❤
Yeah, his practice tests, along Professor Messer’s videos, were MONEY for me.
Dion and Messer both awesome. A bit surreal meeting Dion in person!
Jason's courses helped me to get few Certs. Every single word tht Jason just said abt the CS industry is a reality. Going through a pretty rough patch due to wht Jason referred to as "hiring gap"(issues with the HR) rather the skills gap, though wasted a lot of time in figuring out this silent reality but pretty sure will be able to overcome those issues and will get back on "new" track soon.
Hey thanks for sharing your experience. Certainly many others are feeling the same and the Simply Cyber community provides a strong support network. Sounds like you're on the right path and I wish you the best getting after your career goals.
@@cpatocybersecurity ur welcome Gerald. Thanks and goodluck to SC community. yup, working hard.
I took Jason Dion's practice tests and none of what I studied was on the Security + test. So, I guessed about half of the test and passed it by two questions.
Love this guys.
1) So in short, focusing on the (free, publicly funded, CISA ran) NICE framework for role based certifications is Akylades answer to the flawed certification industry?
2) Another thing that seems off is comparing these Akylade certs to other big name certs is pretty unfair. They have more recognition and many have way more depth in topics.
3) I've heard the certifications are planned to be tiered, would love to learn more -- maybe there's already a video about that?
4) How does Akylade make "hands-on practical certifications"? It's still multiple choice, right? Others like Sec+ at least have PBQ.
Another important thing to note is you can read the NIST docs and list those keywords on the resume too.
Hi Chris! Good to see your comments again -- thank you for sharing your thoughts. Let me address each of your points to clarify our approach and philosophy:
1) Focusing on the NICE Framework: Yes, AKYLADE leverages the NICE Framework as a foundation for our certifications because it’s a robust, widely recognized structure that aligns job roles with required knowledge, skills, and abilities. However, our certifications go beyond simply adopting the NICE Framework. We work closely with hiring managers and subject matter experts to ensure the certifications reflect real-world job expectations, bridging the gap between theory and application. By emphasizing actionable skills tied to role-based needs, AKYLADE aims to address some of the industry’s key challenges, such as the disconnect between certifications and workplace demands.
2) Comparing AKYLADE to Big Name Certs: You're absolutely right-many established certifications have greater recognition and cover a broader range of topics. AKYLADE isn’t trying to replace those certifications but rather complement them by addressing specific skill gaps employers have identified. For instance, while certifications like Security+ provide foundational knowledge, AKYLADE focuses on practical application, ensuring candidates can perform tasks tied to frameworks like the NIST Cybersecurity Framework. Recognition takes time, and our goal is to grow by consistently delivering value through relevant and skills-driven certifications.
3) Tiered Certifications: Great question! Some of AKYLADE’s certifications are indeed structured to be tiered. Our foundational-level certifications (e.g., Cyber Resilience Foundation) focus on fundamental concepts, while practitioner-level certifications (e.g., Cyber Resilience Practitioner) dive deeper into application and problem-solving as they are designed more for team managers and leaders. This tiered approach helps candidates build their expertise progressively and ensures that each certification aligns with specific career milestones.
4) Hands-On Practical Certifications: This is a key differentiator for AKYLADE. While multiple-choice questions are part of the foundational-level exams (as required by ISO 17024), practitioner-level exams incorporate performance-based components, real world case studies, and simulations to test real-world skills. For example, candidates might be tasked with applying the NIST Cybersecurity Framework to assess risks or develop a mitigation strategy. We are currently working on a fully hands-on Nmap Security certification that utilizes virtual environments for testing which will be released in 2025. We’re continuously investing in technology to expand these capabilities and make our exams as interactive and practical as possible while remaining in compliance with ISO 17024 requirements.
5) Using NIST Docs and Keywords: Absolutely-reading the 32-page NIST Cybersecurity Framework documentation and including relevant keywords on your resume can demonstrate familiarity with the framework. However, employers often need more assurance than self-reported skills. A certification verifies that a candidate not only understands the framework but also knows how to apply it effectively.
To complement this, "Mastering Cyber Resilience," the textbook aligned with AKYLADE's Cyber Resilience certifications, takes the NIST Cybersecurity Framework and expands it into actionable steps. This approach is based on insights from practitioners who have successfully implemented these steps in their daily work.
The textbook provides practical guidance that bridges the gap between theoretical understanding and real-world application, giving candidates an edge in both certifications and professional practice.
This combination of validated knowledge and actionable skills is where AKYLADE aims to deliver value, ensuring practitioners are prepared to meet the demands of the industry effectively.
Oh snap! This is awesome!
Jason Dion and Daniel Lowrie need to collab a training video. Two of my favorite edutainers
Agree! I’m a big fan of both
Jason has been the best instructor/teacher i have ever had.
Amazing content.
This was very informative. I love the transparency between the both of you. I’ll definitely keep a look out for this as I already have enough to tackle on my plate. Studying for CySA & CC via ISC2
Hey thanks and wishing you the best getting after those!
Thanks, glad you found it helpful!
Love the concept behind this video! Jason Dion has been a huge help in me passing several certifications and it's interesting to hear his takes on the certification industry. Great work Mike!
Thanks dude
That shirt is so hot right now 🔥😉 seriously this was a great video, thanks for sharing!
Hey thanks Kimberly, your designs are always awesome
Great info! Thanks Steve and Jason!
Hey thanks for watching and the comment Jeremy!
How would "A/CCRP" compare with the "NIST Cybersecurity Framework 2.0 Lead Implementer" by CIS? I understand the CIS path is expensive, but would the hands-on opportunity be better or comparable? Thank you in advance, and all the best.
I've taken the CCRF course and can already tell it has nowhere near what that lead implementer has. Looks like it's more focused and content than both the CCRF and CCRP. I am curious to know more and a comparison would be great. The CCRF + CCRP is going to be $500 just for the exam soon anyways.
@GRCNerd - Thank you for these good questions!
The CIS NIST Cybersecurity Framework Lead Implementer program focuses solely on entry-level implementation of the NIST CSF and is tied to its expensive training courses. Additionally, it is not an ISO 17024-approved certification, meaning it lacks the global accreditation standards that validate certifications independently of training.
In contrast, the AKYLADE Certified Cyber Resilience Foundation (A/CCRF) is AKYLADE's entry-level certification, while the Certified Cyber Resilience Practitioner (A/CCRP) is an advanced practitioner-level certification. Both were developed by subject matter experts and practitioners in compliance with ISO 17024 standards for accredited certifications, ensuring the exams are rigorous, globally recognized, and independent of training. The A/CCRP not only validates deeper expertise in implementing the NIST CSF but also includes creating a comprehensive management action plan aligned with organizational objectives. Candidates have the flexibility to prepare independently or through Authorized Training Partners, who emphasize practical, real-world application.
Key differences include:
- Level: CIS is strictly entry-level, while A/CCRF and A/CCRP offer a clear progression from foundational to practitioner-level expertise.
- Hands-On Learning: CIS claims to provide structured training with guided labs, but A/CCRP emphasizes flexibility and practical application, allowing candidates to customize their preparation and experience to match their professional goals.
- Scope and Cost: CIS is limited to the NIST CSF and is expensive due to mandatory training. A/CCRP offers broader coverage of resilience practices and is more cost-effective, with optional training available through Authorized Training Partners.
While input on certifications and training programs is valuable, it’s important to verify the credibility of opinions. Those who haven’t directly experienced both the A/CCRF and A/CCRP certifications or comparable programs may lack the perspective needed to accurately assess their rigor, content, and value. Always consider insights from individuals with firsthand experience.
@@CWhitlock95 If there are no other hidden costs, it appears the CIS "NIST Cybersecurity Framework 2.0 Lead Implementer" total amount is around USD 675.00 (application/membership fee + online/on-demand Self Study + Practice exam + Online exam). The live training is 2K+. I'm not sure if there will be any price hike in 2025.
I don't believe we're going to get an answer from @@AkyladeCertified
@@GRCNerd I don't believe we're going to get a reply from @@AkyladeCertified
A national treasure ❤
So you're treating cyber/IT as a skilled trade. I have been trying to figure out why this wasn't the push from the beginning of my BS program. Academic Information you may have is not the same as knowledge or ability.
Lots of elements to a good career development plan. A solid academic foundation is certainly helpful, but yeah the idea is to add on or concentrate more on practical application.
@@cpatocybersecurity very true
Exactly! Treating cyber/IT as a skilled trade is spot on. The gap between academic knowledge and real-world ability is a huge issue in the industry. Certifications and degree programs often focus on theory, but employers need people who can hit the ground running with practical skills. That’s why the emphasis on hands-on experience and actionable knowledge is so important-it’s what sets true professionals apart and makes them valuable from day one. It’s refreshing to see this approach gaining traction now!
Dion had helped me with many certs... So awesome and thank you
I am security plus certified thanks to dion and others
99% of people in their jobs weren't contributing value on day one. It just doesn't exist because the experience you gain outside the workplace doesn't equal the complexity while you're on the job. This is just the people making the hiring decisions losing sight of the fact that they were in the place that job seekers are in.
Fair point on the role hiring managers have in the same problem they complain about. I can’t link in the comments but there’s a good blog post on this topic by Daniel Miessler called Day-1 skills hiring managers are looking for.
Everyone keeps trying to slice it 964,822 different ways and generate plenty of content, if the jobs were there we wouldn't be talking about it.
❤❤this is great
Hey, thanks!
Great video! Jason Dion taught me in highschool @crooms academy!