Cisco retired the CyberOps brand in 2026. CyberOps Associate became CCNA Cybersecurity. CyberOps Professional became CCNP Cybersecurity. Both changes happened in two stages: a first rename on January 21, 2026 and the final CCNA and CCNP naming on February 3, 2026.
If you held an active CyberOps certification, it was automatically migrated. No retesting required. If you were studying for CyberOps, your preparation is largely still valid with AI-focused content additions to review.
What Is the Difference Between CyberOps and CCNA Cybersecurity?
| Factor | CyberOps (Retired) | CCNA Cybersecurity (Current) |
| Status | Retired February 3, 2026 | Active — current certification |
| Associate exam code | 200-201 CBROPS | 200-201 CCNACBR |
| Associate exam name | Understanding Cisco Cybersecurity Operations Fundamentals | Understanding Cisco Cybersecurity Operations Fundamentals |
| Exam version | v1.1 | v1.2 |
| Professional exam code | 350-201 CBRCOR | 350-201 CBRCOR |
| Content change | Core SOC and threat detection | Same core plus AI monitoring, AI threat intelligence, zero-day response |
| Naming recognition | Not immediately understood by all HR | Instantly recognized as CCNA-level Cisco cert |
| Auto-migration | N/A | All active CyberOps holders migrated automatically |
The key point: The exam codes stayed the same. The exam content moved from v1.1 to v1.2. The certification names changed. And AI-focused topics were added throughout.
Was My CyberOps Certification Automatically Migrated?
Yes. All active CyberOps certifications were automatically migrated on February 3, 2026.
| Old Certification | New Certification |
| Cisco Certified CyberOps Associate | CCNA Cybersecurity |
| Cisco Certified CyberOps Professional | CCNP Cybersecurity |
No retesting required. New digital badges were issued automatically. You can download your updated badge and certificate directly from the Cisco CertMetrics platform without taking any exam.
Your expiration date did not change. The migration did not reset or extend your certification timeline.
What you should do now:
- Download your updated badge from the Cisco CertMetrics portal
- Update your LinkedIn profile, resume, and Credly to use CCNA Cybersecurity or CCNP Cybersecurity
- Use the new certification name in job applications — hiring managers recognize CCNA Cybersecurity faster than CyberOps
What Actually Changed: CyberOps v1.1 vs CCNA Cybersecurity v1.2
This is the part most articles miss. The rebrand was not purely cosmetic. The exam content was updated from v1.1 to v1.2. Here is exactly what changed in each exam.
CCNA Cybersecurity — 200-201 CCNACBR v1.2
What stayed the same: Core SOC fundamentals including security concepts, security monitoring, host-based analysis, network intrusion analysis, and security policies and procedures. These domains remain intact.
What was added in v1.2:
- AI in monitoring and analysis tasks — practical application, not just theory
- Using AI tools to identify social engineering attacks generated by AI
- Leveraging AI tools for threat monitoring and threat intelligence
- Understanding security risks specific to AI deployments
- Using the Cisco AI Assistant and AI-driven endpoint monitoring solutions
CCNP Cybersecurity — 350-201 CBRCOR v1.2
What was added in v1.2:
- “Recommend AI-powered data analytic techniques to meet specific needs” — a new domain requiring hands-on AI integration skills
- “Apply AI-driven threat intelligence using tools” — requires demonstrated ability to use AI tools in threat analysis workflows
Incident Response Exam — 300-215 CBRFIR v1.2
What was added in v1.2:
- “Recommend response to zero-day exploitations such as risk assessment and exploitation prediction” — covering zero-day exploit response scenarios with prediction-based approaches
Bottom line: If you were studying for CyberOps v1.1, your core knowledge is still valid. The additions are specifically around AI-powered security operations. Review the v1.2 exam blueprint and add AI-focused study time before booking your exam.
The Two-Stage Rebrand Timeline
The CyberOps rebrand happened in two distinct stages, which has caused confusion for many candidates:
| Stage | Date | What Changed |
| Stage 1 | January 21, 2026 | CyberOps Associate became Cisco Certified Cybersecurity Associate. CyberOps Professional became Cisco Certified Cybersecurity Professional. Exam content updated to v1.2. |
| Stage 2 | February 3, 2026 | Cisco Certified Cybersecurity Associate became CCNA Cybersecurity. Cisco Certified Cybersecurity Professional became CCNP Cybersecurity. No additional content change at this stage. |
The two-stage approach let Cisco introduce the content updates first and then align the naming with the broader CCNA and CCNP structure alongside the DevNet to Automation changes.
What Is CCNA Cybersecurity?
CCNA Cybersecurity is Cisco’s entry-level cybersecurity certification for security operations professionals. It replaced CyberOps Associate on February 3, 2026.
Exam code: 200-201 CCNACBR Exam name: Understanding Cisco Cybersecurity Operations Fundamentals v1.2 Duration: 120 minutes Target role: SOC Analyst, Security Analyst, Cybersecurity Analyst Prerequisite: None formally required
What Does CCNA Cybersecurity Cover?
| Domain | Topics |
| Security concepts | CIA triad, access control models, security policies, compliance frameworks |
| Security monitoring | SIEM tools, NetFlow, tcpdump, log analysis, malware analysis |
| Host-based analysis | Endpoint monitoring, host logs, process analysis, file integrity |
| Network intrusion analysis | PCAPs, network traffic analysis, IDS and IPS, attack techniques |
| Security policies and procedures | Incident response workflows, NIST SP 800-61, defense-in-depth |
| AI in security (v1.2 addition) | AI-powered monitoring, AI threat intelligence, AI-generated attack identification |
What Is CCNP Cybersecurity?
CCNP Cybersecurity is Cisco’s professional-level cybersecurity certification. It replaced CyberOps Professional on February 3, 2026.
Core exam: 350-201 CBRCOR v1.2 Concentration exam options: 300-215 CBRFIR (Incident Response) and others
CCNP Cybersecurity requires passing the core exam plus one concentration exam. Content updated to v1.2 with AI-driven threat analytics and intelligence integration added as formal exam domains.
Why Did Cisco Replace CyberOps with CCNA Cybersecurity?
Cisco made this change for two concrete reasons.
Reason 1: Employer recognition was inconsistent. CyberOps was a respected credential within the security community but was not always immediately understood by HR teams and hiring managers outside that community. When a candidate listed CyberOps Associate on their resume, some employers were unsure how it compared to a CCNA or CompTIA Security+ in terms of level and rigor. CCNA Cybersecurity communicates its level immediately. Every hiring manager who knows what a CCNA is — which is most of them in IT — instantly understands where CCNA Cybersecurity fits.
Reason 2: AI has fundamentally changed SOC work. By 2026, Security Operations Centers use AI tools for alert triage, log analysis, behavioral anomaly detection, and threat intelligence at scale. Security analysts are no longer only manually processing alerts. They interpret AI-generated outputs, guide machine learning systems through manual interventions, and make decisions based on automated analysis. The v1.2 content update directly addresses this hybrid human-AI workflow that defines modern SOC environments.
CCNA Cybersecurity vs CCNA 200-301: What Is the Difference?
Many candidates confuse these two certifications because they now share the CCNA brand name.
| Factor | CCNA 200-301 | CCNA Cybersecurity 200-201 |
| Focus | Networking infrastructure — routing, switching, wireless, automation | Cybersecurity operations — SOC work, threat detection, incident response |
| Target role | Network Administrator, Network Engineer | SOC Analyst, Security Analyst, Incident Responder |
| Prerequisite | None | None |
| Duration | 120 minutes | 120 minutes |
| Cost | $330 | Similar pricing |
| Tools covered | Cisco IOS, routing protocols, network configuration | SIEM, NetFlow, tcpdump, Wireshark, malware analysis tools |
| Best for | Professionals building networking careers | Professionals targeting cybersecurity operations roles |
They are separate certifications at the same associate level. Earning one does not grant or replace the other. Some security-focused professionals pursue both for comprehensive networking and security knowledge.
Who Should Pursue CCNA Cybersecurity?
CCNA Cybersecurity is the right certification for:
- Aspiring SOC analysts. The certification directly validates the skills that Tier 1 and Tier 2 SOC analyst roles require — SIEM usage, threat detection, incident response workflows, and now AI-powered security tooling.
- IT professionals transitioning into cybersecurity. If you have general IT experience and want to move into security operations, CCNA Cybersecurity is the most directly relevant Cisco credential for your target roles.
- Security analysts who held CyberOps. Your credential is already migrated. When renewal time comes, the updated v1.2 content is what you study.
- Professionals building toward CCNP Cybersecurity. CCNA Cybersecurity provides the foundational security operations knowledge that CCNP builds on, even though Cisco does not formally require it as a prerequisite.
CCNA Cybersecurity is NOT the right starting point for:
- Professionals focused on network security infrastructure. If your goal is firewalls, VPNs, and network security architecture rather than SOC analyst work, look at CCNP Security with its SCOR core exam instead.
- Complete beginners to both IT and cybersecurity. Some foundational IT and networking knowledge makes the exam content significantly more accessible. Consider starting with CCNA 200-301 or CompTIA Security+ first if you have no IT background. Our Security+ exam preparation materials are a strong entry point.
How to Prepare for CCNA Cybersecurity in 2026
Step 1: Download the current 200-201 CCNACBR v1.2 exam blueprint. This is your definitive study guide. Use the v1.2 blueprint, not any legacy CyberOps v1.1 materials. The content is mostly the same but v1.2 adds AI-focused objectives that will appear on the exam.
Step 2: Build strong SOC fundamentals. The core of this exam has not changed. Security monitoring, host-based analysis, network intrusion analysis, and incident response workflows are still the heaviest-weighted domains. Build genuine depth in these areas using the NIST SP 800-61 incident response framework, SIEM tool practice, and network traffic analysis with tools like Wireshark and tcpdump.
Step 3: Add the AI-specific content. Review the new v1.2 objectives covering AI in monitoring and analysis. Study how AI tools are used in modern SOC environments for automated alert triage, behavioral anomaly detection, and AI-powered threat intelligence feeds. The exam now expects practical application, not just theoretical awareness.
Step 4: Practice with SIEM tools. Cisco’s Chronicle and Splunk are the most relevant SIEM platforms for this exam. Hands-on experience analyzing security events, building correlation rules, and investigating alerts in a SIEM environment makes the exam questions significantly more intuitive.
Step 5: Use current practice materials. Legacy CyberOps v1.1 practice exams will not cover the v1.2 AI additions. Use materials built around the current CCNACBR blueprint. Our Cisco exam preparation materials are aligned to current Cisco exam blueprints.
CCNA Cybersecurity vs CompTIA Security+
Many candidates choosing between Cisco and CompTIA cybersecurity credentials ask this comparison directly.
| Factor | CCNA Cybersecurity | CompTIA Security+ |
| Vendor | Cisco | Vendor-neutral |
| Focus | SOC operations and threat detection | Broad security principles and implementation |
| DoD 8570 requirement | No | Yes |
| Best market | Organizations using Cisco security infrastructure | Broad enterprise, government, contractor roles |
| Exam format | 120 minutes, multiple choice and scenario-based | 90 minutes, multiple choice and performance-based |
| Hands-on focus | High — SOC workflows, SIEM, traffic analysis | Medium — concepts with some applied scenarios |
| Renewal | 3 years | 3 years |
Which one should you get? If you are targeting SOC analyst roles specifically and your target employers use Cisco infrastructure, CCNA Cybersecurity is the stronger fit. If you want the widest employer recognition including government and contractor roles where DoD 8570 requirements apply, Security+ is the more strategic choice. Many serious security professionals pursue both.
The full Cisco certification changes picture including the DevNet rebrand and CCNP Wireless relaunch is in our Cisco certification changes guide.
Frequently Asked Questions About CyberOps vs CCNA Cybersecurity
What happened to CyberOps certifications in 2026?
CyberOps Associate became CCNA Cybersecurity and CyberOps Professional became CCNP Cybersecurity. The change happened in two stages: January 21, 2026 (first rename) and February 3, 2026 (final CCNA and CCNP naming). All active holders were automatically migrated.
Do I need to retake my exam after the CyberOps rebrand?
No. If your CyberOps certification was active on February 3, 2026, it was automatically recognized as CCNA or CCNP Cybersecurity. No retesting is required.
What is the exam code for CCNA Cybersecurity?
The CCNA Cybersecurity exam code is 200-201 CCNACBR. The exam number 200-201 is the same as the old CBROPS exam. The content updated from v1.1 to v1.2 with AI-focused additions.
What did the v1.2 update add to the CCNA Cybersecurity exam?
The v1.2 update added AI-focused content covering AI in monitoring and analysis tasks, using AI tools to identify social engineering attacks generated by AI, leveraging AI for threat monitoring and intelligence, and understanding security risks specific to AI deployments.
Is CCNA Cybersecurity the same as CCNA 200-301?
No. They are separate certifications at the same associate level. CCNA 200-301 focuses on networking infrastructure. CCNA Cybersecurity (200-201) focuses on cybersecurity operations and SOC analyst skills. Earning one does not replace the other.
What jobs does CCNA Cybersecurity qualify you for?
CCNA Cybersecurity targets SOC Analyst (Tier 1 and Tier 2), Security Analyst, Information Security Analyst, Incident Responder, and Cybersecurity Analyst roles. These roles involve monitoring security events, analyzing threats, and responding to incidents in enterprise security operations environments.
What is the difference between CCNA Cybersecurity and CCNP Cybersecurity?
CCNA Cybersecurity (200-201 CCNACBR) is the entry-level certification covering SOC fundamentals, threat detection, and incident response basics. CCNP Cybersecurity is the professional-level certification requiring the CBRCOR core exam plus a concentration exam. CCNP targets senior SOC analysts, threat hunters, and incident response professionals who need deeper technical and strategic security expertise.
Why did Cisco rename CyberOps to CCNA Cybersecurity?
Cisco made the change to improve employer recognition and align cybersecurity certifications with the CCNA and CCNP naming that hiring managers already understand. The CyberOps brand was well-known within the security community but less consistently recognized outside it. CCNA Cybersecurity communicates certification level immediately.
Can I still use CyberOps study materials for the CCNA Cybersecurity exam?
Mostly yes. The core content domains are the same. Study materials built for CyberOps v1.1 cover the majority of what you need. Add the v1.2 AI-specific content to your preparation by reviewing the current exam blueprint for the additions not covered in older materials.
How does CCNA Cybersecurity compare to CompTIA Security+?
CCNA Cybersecurity focuses specifically on SOC operations and is strongest in Cisco-heavy environments. Security+ is vendor-neutral, meets DoD 8570 requirements, and has the broadest employer recognition across enterprise, government, and contractor roles. Many security professionals pursue both.
