Using Google Trends to Analyse the Popularity of IT Security Certifications

October 1, 2018 by Frank Siemons

Intro to Using Google Trends to Analyse the Popularity of IT Security Certifications

If you are someone who likes to think ahead, Google Trends is currently pretty much as close as you can get to predicting the future.

By using this online tool, data can be collected about the volume of Google queries over the last few years. This can lead to some interesting discoveries due to the sheer volume of data collected by Google every day. Predictions about the severity of the current year’s flu season, for example, can be made by looking for trends in flu-related searches. Other examples would be to predict the results of a sports game or the US elections using the search trends of billions of people worldwide.

Closer to home for the many security-minded readers here, Google Trends can be very useful in the security world and more specifically in the world of security certifications.

When we compare the search trends of a list of security certifications we can create a “what’s hot” list and see if we can find any changes that have made these certifications more or less popular over time.

Keep in mind that Google Trends has its limitations as well. When only a small input is given to the query such as the term “CEH”, all matching search queries are simply added up, including for us irrelevant data. The term “CEH” shows search queries recorded far before the Certified Ethical Hacker certification existed, relating to sites such as the “Centre for Emotional Health”. To get more relevant data we can use the term “Certified Ethical Hacker”. Most people would however search for the term “CEH”, which means the input data of our resulting Trends graph is slightly limited.

Another example is that if we want to search for the full term “Certified Information Systems Security Professional”, Google Trends returns: ” Your terms – “Certified Information Systems Security Professional” – do not have enough search volume to show graphs.” In this situation we are forced to use the abbreviated term “CISSP”, even though the full term returns more than half a million results when used as a search query in Google Search.

This means a completely accurate comparison between the popularity of different certifications is difficult due to the way Google Trends works, but some clear patterns can be found over the years.


Let’s start easy with a well-known certification with a lot of search data behind it, the Cisco Certified Network Associate. As mentioned before, we need to use the input term “CCNA” because the full title does not provide enough search volume to show any graphs.

In the resulting graph, we can see a slowly declining trend since the start of Google’s recordings. The CCNA certification was introduced in 1998 and has had an expansion in 2008 which was widely covered by the online news at the time. This can be seen at the spike at label “A” in the News Reference Volume graph. This shows the marketing benefits of changing the curriculum for a certification at times.

Another interesting feature in the graph is a small drop in interest around December every year. This drop can be seen quite often in Google Trends graphs and usually relates to Christmas and New Year’s celebrations. An increase in search terms such as “gifts” can be seen at the same time, showing some clear prioritization of the IT community.

Certified Ethical Hacker (CEH)

It’s time to focus a bit more on the security field. Version 8 has only been released recently so a lot of input data is not available yet, but Version 7.1 was introduced as of 14 June 2011. We can see a spike in the interest of the CEH certification when we zoom in on 2011 and look at that specific month. Another interesting detail we can see is highlighted at Label “A” in the graph. It relates to a new training provider which is offering the CEH certification. This has generated a spike in news coverage. Finally, as mentioned before, we can see quite a drop in interest and news coverage around the December month. All this information can be quite useful for a marketing department’s budget planning for instance.


The well-known CISSP certification by (ISC)2® has been around for a while. Born in 1989, it has been the most popular higher-level security certification around for more than 2 decades. In the last few years a decline in search queries can be seen.

Looking at the annual reports of (ISC)2® however, the yearly membership has been steadily increasing during these years. The total amount of members actually went up from about 55.000 in 2007 to nearly 75.000 in 2010. Competitors in the market such as ISACA’s Certified Information Systems Auditor (CISA) have certainly become a lot more popular (mainly in Europe), but according to the annual reports it has not eaten any piece of CISSP’s pie.

Then what explains the steady decrease of Search Volume according to Google? That’s hard to say, but it might be that the name “CISSP” is now so well-known in the IT community that it generates fewer searches for information. Another explanation could be that (ISC)2® introduced its CISSP concentrations and the ISSJP certification for the Japanese market around the period of the decline. This might have diluted the interest in the familiar CISSP itself somewhat.

The introduction of the concentrations most likely triggered the spike in the Search Volume Index graph at the end of 2007. The spike in News Reference Volume at the beginning of 2008 however, seems to be started by the first ‘Hiring guide to the information security profession’ report published by (ISC)2® on January 17, 2008.

What seems clear is the continuous public interest and news coverage of the CISSP certification over many years. This makes the CISSP certification still a very valuable title to have.


CompTIA’s security+ has been a popular certification over the years. It was introduced in 2002 and since then, it has been part of electives to the MCSA: Security and the MCSE: Security certifications from Microsoft. It has also been a requirement for some United States Department of Defence employees. These connections to other certifications and the inclusion into some guidelines for employment should have added to the interest in the Security+ certification.

When we look at the graph of the Google Trends Search Volume index, there is no data for most of 2008 and the years before that. This means Google has not had enough search queries during those years to register anything. This means we cannot see whether the introduction of the SY0-201 in 2008 made any impact on the certificate’s interest. We can see however, that the release of SY0-301 in May 2011 made a slight difference.

The biggest difference however is the drop in interest from January 2011 onwards. This can only be explained by the introduction of the Annual Continuing Education fees and study requirements which did not exist before. The spike in interest in December 2010 might be explained by the fact that CompTIA states: “Individuals certified in CompTIA A+, CompTIA Network+ or CompTIA Security+ on or before Dec. 31, 2010, are considered certified for life.” It’s quite interesting to see such a clear response to the introduction of annual fees and study requirements.

Certified Ethical Hacker (CEH) and CISSP

With Google trends we can also input multiple search terms, which allows us for instance to compare the Certified ethical hacker and CISSP certifications. Here we run into the issue with the limitation on input terms again. The term “CEH” will not give us only Certified Ethical Hacker data in return, because the abbreviation is used for many other names. This means we need to use the term “Certified Ethical Hacker”, but is it really fair to compare the popularity of this full term with the abbreviated term “CISSP”? The term “CEH” on a Google Search gives nearly twice as many results as the term “Certified Ethical Hacker”.

Despite this issue of incomplete data input, we can see that there is much more interest in the CISSP certification than the CEH certification, just because of the sheer difference in search volume. Even the difference of input terms could not explain this.


With all the issues we encountered in mind and some other ones not mentioned before, it makes Google Trends quite hard to use with specific search terms. Maybe I should refine my statement. It is far from hard to use Google Trends itself, but the returned data is very hard to use in a reliable manner. It is important to be at least reasonably accurate when predictions are to be made based on the past.

Another example of an issue with Google Trends which I have not mentioned yet is the display of the most popular regions and languages for certain search terms.

According to the Google Trends data, the number one source region for the term “CCNA” is Nigeria and the United States is not even listed in the top 10. Apart from that, the listed number one language for this term is Tagalog, one of the languages used in the Philippines, followed by Vietnamese and Arabic. Personally I find this quite hard to believe, but there is no way of verifying this information, because it is solely based on Google’s data.

Sure, if a simple lookup of the popularity of a single certification is all that is required, Google Trends will show that. It can even show some yearly trends and responses to changes in the programs. It also clearly showed the impact of the introduction of annual fees to a certification such as CompTIA’s Security+. This means it does have some potential in predicting future trends in security certifications, but it’s all based on the input query that is available to be used and the volume of historic search data behind it.

Have a look on if you want to give it a try.

Posted: October 1, 2018
Articles Author
Frank Siemons
View Profile

Frank Siemons is an Australian security researcher at InfoSec Institute. His trackrecord consists of many years of Systems and Security administration, both in Europe and in Australia. Currently he holds many certifications such as CISSP and has a Master degree in InfoSys Security at Charles Sturt University. He has a true passion for anything related to pentesting and vulnerability assessment and can be found on His Twitter handle is @franksiemons

Leave a Reply

Your email address will not be published. Required fields are marked *