The decision to pursue the CISSP credential is dependent on a number of factors. First, you have to understand that there are different options when it comes to the security certificates, so choosing the best option for you will depend on a couple of factors. Before we dive into the details, it is essential to put some facts into perspective.
First of all, job positions that require the professionals to have this (ISC)2 certificate are usually paid superbly. An individual with this credential can make an average of six-figure remunerations per annum but it depends on his/her location. Additionally, there is no lack of job roles for the security specialists, which means there is always an opening that you can fill when you have such a certification. For instance, it is estimated that there will be approximately 2 million extra security positions that will require the IT experts to fill them. Of great importance is the number of people who will fulfill these roles, and this is where a strong consideration for CISSP comes in. No doubt, this is a good reason to pursue this certificate but you shouldn’t jump right into it without putting some facts into consideration.
Below we share some objective views on choosing the CISSP certification as your goal.
- CISSP requires paid work experience
Your work experience will showcase whether you should strive to pursue this credential or not. For instance, if you are just starting out in the sector of information security, you won’t be able to do it. This doesn’t mean that if you take the exam, you won’t pass it; it is all about the prerequisite for pursuing this (ISC)2 certification. You should have more than 5 years of paid work experience to qualify for this certificate. It is essential to point out that you can actually shorten the time by one year. However, you have four years to contend with, and nothing can be done about it. You just have to wait before you can attempt the CISSP certification test.
There are some other options that the professionals who starting out in the security field can consider. For those who want to earn their first job in the security field, CISSP is not the point to start. At this stage, you should seek to validate your basic skills. CompTIA Security+ and CompTIA CySA+ are two certificates you can consider to confirm your knowledge and skills, as well as increase your chance of landing an entry-level position.
CompTIA Security+ is an entry-level cybersecurity credential that requires a single exam. It is made up of about 90 questions, which must be completed within 90 minutes. The test is created to validate the candidates’ knowledge and skills in basic IT and security domains. CompTIA CySA+ is also an excellent choice for an entry-level IT security specialist. This credential was introduced in 2017 by CompTIA, and it was developed to bridge the gap between the skills required for the foundational CompTIA Security+ and the expert-level CASP+ certificates. You can continue to pursue CISSP after earning either of these certifications. However, you have to fulfill the requirements for years of experience before you obtain it.
- CISSP is great if you want to take up government jobs
For the professionals trying to get a job position in the government, CISSP is a great credential option. It satisfies the IA baseline certification requirements for taking up job roles in this realm. The baseline certificates for the government employees possess four different categories, including IAT, AIM, CSSP, and IASAE. (ISC)2 CISSP takes its place in these categories, which means it is a great certification option for those individuals who want to get a government job title.
- CISSP requires recertification
This is actually a great thing because it helps you consistently update your skills so as not to become obsolete. To renew your certification, you have to earn the CPE credits, which are quite easy to achieve. Every 3 years, you have to submit at least 90 Group-A CPE credits, as well as the additional 30 Group-A or Group-B CPE credits to retain your credential. There are different educational activities that make up for these CPE credits. You earn one credit for each hour you spend learning. Some educational activities you can engage in include reading of whitepapers, books, or magazines; attending educational courses, presentations, seminars, or conferences; publishing a whitepaper, an article, or a book. You can also earn the credits by preparing to train or present information associated with information security; volunteering for charitable organizations, public sector, and government; performing special project-related work outside your normal work responsibilities; taking higher academic training courses. Generally, if you learn the topics covered in the eight security domains, you can claim the CPE credit hours. Of course, they should be not within your standard job activity. With an average of 40 CPE credits every year, you can easily meet up with the recertification requirements.
Please note that the Group-B credits cover the general professional and development activities that the certification holders may engage in. These include anything that is not within the scope of the security domains. Additionally, the activities that qualify for the Group-A CPE credits can also be used for the Group-B ones.
Your choice of obtaining the CISSP certificate will be determined by your professional goals, industry, and work experience. If you want to break into the information security field, this (ISC)2 certification is the ideal choice. However, if you are an entry-level professional, it will not be a good starting point because you don’t have the prerequisite experience for it at this stage. Instead, you should pursue either CompTIA Security+ or CompTIA CySA+ to begin your journey in the world of information security. With experience you will earn, you can proceed to pursue the CISSP credential. This will be a good foundation for your future career path.