Adapting cybersecurity certification for AI integration

The International Information System Security Certification Consortium (ISC2) has released an update to its certification exam guidance focused on artificial intelligence, reflecting evolving considerations in cybersecurity roles and responsibilities.

With the increased adoption of AI across sectors, the responsibilities of cybersecurity professionals are changing to include securing AI systems and managing related risks. The updated ISC2 publication outlines how AI-related security concepts are incorporated into its certification exams.

The guidance maps where AI concepts appear across more than 50 cybersecurity exam domains within ISC2’s certification portfolio. ISC2 follows a three-year exam refresh cycle, which includes Job Task Analysis (JTA), exam blueprint development, item writing, peer review, standard setting, and publishing, to ensure exams reflect current professional requirements.

AI-related security concepts are integrated across core domains including Security and Risk Management, Asset Security, Security Architecture and Engineering, Communication and Network Security, Security Assessment and Testing, Security Operations, and Software Development Security.

ISC2 notes that certified subject matter experts and practitioners validate exam content to ensure it reflects real-world requirements. As AI capabilities intersect with cybersecurity domains, AI-focused tasks and considerations are incorporated into certification exam blueprints.

This approach is intended to ensure ISC2 certification exams remain aligned with current cybersecurity practices and that candidates are assessed on relevant AI security knowledge and skills.