The new cyber-analyst certification that will tackle the cyber-talent gap

UK organisations face a growing challenge: finding cyber-security professionals who are ready to perform from day one. With attacks escalating and the demand for technical response teams increasing, the sector is stretched – particularly in security operations centres (SOCs), where junior analysts are expected to respond to threats with precision and speed.

 

According to the UK Government’s Cyber Security Breaches Survey 2025, over four in ten businesses (43 per cent) and three in ten charities (30 per cent) reported having experienced any kind of cyber-security breach or attack in the past 12 months. That number jumps to 74 per cent for large enterprises. Despite this, employers continue to cite a lack of job-ready talent – especially among early-career professionals. DSIT’s latest cyber-security skills in the UK labour market report found that approximately 637,000 businesses (44 per cent) have a basic skills gap, where employees responsible for cyber-security lack the confidence to carry out the basic tasks laid out in the government-endorsed Cyber Essentials scheme.

 

Cyber-security roles frequently require practical experience, but early-career candidates often haven’t had the opportunity to build it yet. This contradiction continues to hinder progress – especially when demand is growing.

 

The readiness paradox

 

The cyber-skills gap is widely discussed, but less often is the underlying tension addressed: organisations need analysts with proven capability, but many entry-level candidates are caught in a cycle where they can’t build experience without first being hired.

 

ISACA’s State of Cybersecurity report echoes this: 73 per cent of hiring managers prioritise hands-on experience, followed by 38 per cent who consider certifications a top factor – especially those that demonstrate real-world performance.

 

In practice, that means candidates with only theoretical training often fall short of expectations. And while on-the-job learning remains critical, employers increasingly want assurance that new hires can contribute from the outset.

 

A more practical path forward

 

ISACA’s response to this challenge is the Certified Cybersecurity Operations Analyst™ (CCOA™) credential – a performance-based certification that focuses on real-world analyst responsibilities.

 

Designed for professionals with roughly two years of experience, CCOA provides hands-on training and includes a lab-based exam. Candidates are required to detect, assess and respond to simulated incidents, replicating the conditions of a live SOC environment.

 

The programme covers five domains:

• Technology fundamentals
• Cyber-security principles and risk
• Adversarial tactics and techniques
• Incident detection and response
• Asset protection

This makes CCOA particularly useful for employers seeking a benchmark for analyst readiness and for professionals looking to gain validation of their skills in high-pressure, operational contexts.

 

Benefits for teams and talent

 

This approach not only equips analysts with technical and decision-making capabilities, it also eases the burden on hiring managers and existing SOC staff.

 

ISACA’s Tech Workforce and Culture report highlights that:

• 61 per cent of IT professionals in Europe cite excessive workloads
• 73 per cent have experienced burnout
• 30 per cent of new entrants say that highly specialised requirements are a barrier to entry

The workforce challenges only are becoming more pronounced as AI and other emerging technologies expand the threat landscape, underscoring the need for an influx of security professionals who have shown they can identify and effectively respond to real-world incidents.

 

CCOA helps reduce onboarding time and gives junior analysts a solid foundation to build on. It provides a way to make development scalable, without sacrificing quality.

 

It also provides a bridge to longer-term growth. CCOA holders receive a one-year education waiver towards ISACA’s Certified Information Security Manager (CISM) credential, making it a stepping stone to leadership roles within the field.

 

A complement to, not a replacement for, experience

 

Importantly, CCOA is not positioned as a shortcut, but as a complement to practical learning. Many cyber-security professionals build their skills on the job through mentorship or by responding to real incidents. But certifications such as CCOA validate those skills formally, making it easier for professionals to progress and for organisations to assess fit.

 

With pressure growing across the industry, workforce readiness will be central to building long-term cyber-resilience. Employers must be able to trust that the analysts they hire can contribute immediately. And early-career professionals need effective, accessible ways to prove they’re ready.

 

Performance-based programmes such as CCOA offer a practical, scalable path forward – one that benefits the sector as a whole.

---

To explore how the CCOA certification supports cyber-analyst readiness, visit www.isaca.org/credentialing/ccoa.  

---

By Chris Dimitriadis, Chief Global Strategy Officer, ISACA