New security training and certs emerge

Security training is getting more segmented — and that is the real story here. This week’s batch of launches and promotions spans Microsoft, SANS, and Skills for Justice, but they all point in the same direction: employers do not just want “security awareness” anymore. They want credentials mapped to specific jobs, from office staff handling sensitive data to cyber specialists chasing advanced certs to frontline teams dealing with protective security and counter-terrorism. Basically, security education is being sliced by role, not just by topic. (learn.microsoft.com) ### What changed this week? Microsoft introduced a new certification called Cybersecurity Business Professional, tied to Exam SC-730 and currently in beta. At almost the same time, SANS highlighted its cybersecurity master’s path that includes nine GIAC certifications, and Skills for Justice promoted delivery of the Level 3 Award in Counter-Terrorism Protective Security and Preparedness. These are different products for different audiences, but they landed with the same pitch — practical, role-relevant upskilling. (learn.microsoft.com) ### Why is Microsoft aiming at non-technical staff? Because a lot of cyber risk now sits with people who are not in IT. Microsoft’s SC-730 is explicitly built for business professionals who use digital tools every day but are not security practitioners. The exam page and study guide frame the target user as someone in roles like admin, analysis, project management, marketing, or sales — people with heavy exposure to data, cloud apps, (learn.microsoft.com)t that modern breaches often start in ordinary workflows. (learn.microsoft.com) ### What is SANS doing differently? SANS is pushing the opposite end of the market. Its master’s degree is not an awareness credential — it is a deeper technical path wrapped around industry certs. The program says students can earn nine GIAC certifications while completing the degree, which is a big selling point because GIAC certs already carry weight with employers looking for validated hands-on skills. So the appeal is speed and stackability — one academic program, multiple employer-readable signals. (sans.edu) ### Where does the counter-terrorism award fit? That one sits in the physical-security world, but it is part of the same trend. Skills for Justice says it is a registered training provider for the Level 3 Award in Counter-Terrorism Protective Security and Preparedness, and it describes the qualification as endorsed by Counter-Terrorism Policing and the National Counter-Terrorism Security Office. In other words, this is not generic compliance training — it is a(sans.edu)ecurity capability. (skillsforjustice.org.uk) ### Why does role-specific training matter now? Because “everyone should be more security conscious” turns out to be too vague to be useful. A finance analyst, a SOC engineer, and a venue security lead face different threats, use different tools, and need different judgment calls. The new crop of programs reflects that reality. Microsoft is targeting the broad business layer. SANS is targeting technical depth and career progression. Skills for Justice is targeting preparedness in real-world protective environments. (learn.microsoft.com) ### Is this just more credential inflation? Partly — but not only that. The catch is that every new badge risks becoming resume wallpaper if employers do not map it to actual responsibilities. But these launches also show a more mature security-training market. The strongest programs are no longer promising that one course will “make your company secure.” They are promising narrower things — reduce business-user risk, prove hands-on cyber skills, or build protective-security readiness. That is a healthier framing. (sans.org) ### Who is this really for? It is for employers trying to close very specific gaps without sending everyone through the same generic module. Think of it like moving from one company fire drill to separate training for electricians, wardens, and paramedics. Same broad mission — very different jobs. Security training is starting to look more like workforce design. (sans.edu) ### Bottom line? The news is not just that a few new cour(sans.org)around the actual people who carry risk inside organisations — business users, technical specialists, and protective-security teams. That makes the market more crowded, but also more useful. (learn.microsoft.com)