Which Cybersecurity Certification Does Not Expire?


There are countless cybersecurity certifications that you can get, and not all of them expire. Some are valid indefinitely, while others need to be renewed every few years. So, you might be wondering which cybersecurity certification doesn’t expire.

The CompTIA Security+ entry-level certification does not expire if obtained before January 1, 2011. The OSCP certification is valid indefinitely. Most cybersecurity certifications, however, are not good for life; they expire after 2-4 years. Certification renewal ensures that certificate holders keep up with the rapidly evolving cybersecurity field.

Let’s start with a list of popular cybersecurity certifications and their expiration times, then get into the why and how of maintaining your hard-earned cybersecurity certs.

Once you have a cybersecurity certification, how long is it good for? Here is a list of popular cybersecurity certifications and their expiration/recertification times:

| Certification | Expiration Time | Renewal Fee | How to Renew |
|---|---|---|---|
| Offensive Security certifications: Offensive Security Certified Professional (OSCP) | Good for life | N/A | N/A |
| Security+ certification before Jan 2011 | Good for life | N/A | N/A |
| CompTIA certifications: Security+ after Jan 2011, PenTest+, Cybersecurity Analyst (CySA+), Cybersecurity Advanced Security Practitioner (CASP+) | 3 years | Annual fee of $50 | Earn CE points: Security+ = 50, PenTest+ = 60, CySA+ = 60, CASP+ = 75 |
| All GIAC cybersecurity certifications | 4 years | $469 once every 4 years or $239 every 2 years | Earn 36 CPE points |
| Cisco cybersecurity certifications: CyberOps Associate, CyberOps Professional, CCNP Security, CCIE Security | 3 years | Cost of chosen exam for recertification | Completing continuing education activities, taking exams, or a combination of both |
| ISACA cybersecurity certifications: Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) | 3 years | Annual fee of $45 for members, $85 for non-members | Earn 120 CPE points (*annual minimum of 20 CPE hours) |
| IAPP cybersecurity certifications: Certified Information Privacy Professional (CIPP), Certified Information Privacy Manager (CIPM), Certified Information Privacy Technologist (CIPT) | 2 years | $250 USD once every 2 years for non-members | Earn 20 CPE points |
| (ISC)² cybersecurity certifications: Certified Information Systems Security Professional (CISSP) | 3 years | Annual fee of $125 for certified members and $50 for associates | Earn 120 CPE points (*suggested annual of 40 CPE points) |
| EC-Council cybersecurity certifications: Certified Ethical Hacker (CEH) | 3 years | Annual fee of $50 | Earn 120 CPE points |

Cybersecurity certifications and their corresponding expiration times

Note: Check with the specific certification organization for more information on renewal timelines and requirements.

Why Most Cybersecurity Certifications Have Expiration Times

If you’ve been working in the cybersecurity field for any length of time, chances are you’ve pursued at least one certification. And if you have, you also know that most of them have expiration dates. 

Have you ever wondered why that is?

There are two main reasons why most cybersecurity certifications have expiration dates.

The first reason has to do with continuing education. With cybercrime up 13% from last year, it is important for those working in cybersecurity to stay abreast of the latest trends and developments.

Renewal of a certificate allows the holder to demonstrate ongoing education and competency in the field.

The second reason is that cert-issuing organizations must adhere to specific accreditation standards.

For instance, one of the requirements for maintaining an organization’s ISO/ANSI accreditation is to devise new exam questions every so often. This helps to ensure that the questions being asked on the certification examinations are not outdated and that those taking the exams are getting an accurate measure of their knowledge and skills.

Common Activities or Renewal Paths To Recertify Cybersecurity Certifications That Expire

You’ve got it, now keep it.

Renewing your certification is not as difficult as you may think.

Most organizations that offer cybersecurity certification have multiple ways in which certificate holders can renew their credentials. The most common activities or renewal paths include:

1. Submit Continuing Professional Education (CPE) Units or Credits

CPE credits are earned by participating in activities that help you keep your skills and knowledge up-to-date.

The most popular activities include:

  • Obtaining additional advanced certifications
  • Attending cybersecurity-related training courses 
  • A graduate course 
  • Publication of a technical paper
  • Relevant work experience
  • CTFs
  • Writing an article for an information security publication

2. Passing the latest release of the exam

For many certificates, the organizations that offer them will release a new version of the exam every few years. When this happens, persons who wish to renew their credentials can do so by passing the latest release of the exam.

Also, depending on the organization issuing the certification, there may be requirements for maintenance fees. Some organizations only require a one-time payment at the start of every renewal cycle while others require an annual fee.

Be sure to check with your specific organization to find out what is required of you.

Example of Cybersecurity Certification Renewal Cycle

Let’s take a look at an example of the renewal cycle of a 3-year certification, such as the CompTIA Security+.

CompTIA Security+ is a popular entry-level certification for those looking to break into the cybersecurity field.

The certification is valid for three years from the date of issuance. To renew your credential, you have two options: retake the exam or earn 50 continuing education (CE) credits through various activities.

Here is an image that breaks down the renewal process for this particular certification:

As you can see from the image, certificate holders have to pay a maintenance fee as well as upload any earned CPE annually. The earlier one starts earning CPEs, the less pressure there is to obtain all 50 in one shot.

Final Thoughts

Certifications are a great way to validate your skills and knowledge in the cybersecurity field. And while most of them do have expiration dates, renewing them is usually not as difficult as one may think.

Most organizations offer multiple ways to renew your credential, such as through CPE units or credits, or by passing the latest release of the exam.

So, if you’re wondering which cybersecurity certification doesn’t expire, very few do. Most cybersecurity certifications expire. However, with a little bit of planning, you can easily renew your credential and keep your skills up-to-date.

Mike Chu

Mike is a web developer and content writer living as a digital nomad. With more than 20 years of devops experience, he brings his "programmer with people skills" approach to help explain technology to the average user.