If you’re interested in gaining a high-ranking position in the information security industry, your best bet is probably the CISSP® (Certified Information Systems Security Professional) qualification.
In this blog, we’ll tell you why it’s the most valuable training course for those entering the industry and explain everything you need to know before enrolling on a training course.
The benefits of a CISSP qualification
- You’ll gain recognition and respect: CISSP is a universally recognised qualification. Certifying to it demonstrates that you have an advanced knowledge of information security and are looking to develop a career in the industry.
- It’s growing in popularity: By the end of May 2019, there were 136,480 (ISC)2 CISSPs in 175 countries, making it the most popular information security qualification in the world.
- You become an (ISC)2 member: Those who qualify are automatically granted membership to (ISC)2, which comes with various perks, including exclusive access to webinars and conferences.
- It helps your career prospects: The popularity of CISSP is in part because it’s necessary for many job roles. Becoming certified gives you a head start when looking for your next position.
Is it difficult to become a CISSP?
Like most advanced qualifications, it takes a lot of time and effort to achieve the CISSP qualification, and you are by no means guaranteed to pass the exam first time.
(ISC)2 doesn’t disclose the pass rate, but it’s believed to be below 50%. Don’t be too disheartened by that. The driving test has a similar pass rate, and think about how many drivers there are in the world.
For many people it’s a case of learning from your mistakes and getting comfortable in a test environment. If you don’t pass first time around, you’ll usually get it right on the second or third attempt.
Can you become a CISSP without practical experience?
You need at least five years’ experience in two or more of the eight CBK (Common Body of Knowledge) domains to become a CISSP.
However, you can still sit the exam and become an Associate of (ISC)2 until you gain the necessary experience.
How long does it take to gain the CISSP qualification?
Like any exam, preparation is a matter of quality over quantity. The right teacher or learning tool can explain a topic in a matter of minutes, whereas you could spend hours reading about it online and still be none the wiser.
Generally, we recommend spending at least 160 hours studying CISSP and preparing for the exam. But bear in mind that the more intensively you study, the less time it will take.
That’s to say, you’ll probably make more progress if you dedicate two or three hours at a time to studying rather than doing it in bits and pieces.
How long is the CISSP qualification valid?
A CISSP qualification is initially valid for three years. To extend its validity, you must gain 40 CPE (continuing professional education) credits annually and 120 credits over a three-year period.
You can achieve those credits by proving that you are an active member of the cyber security industry and are staying abreast of the changing landscape. Some of the ways you can do this include:
- Attending cyber security conferences and webinars;
- Subscribing to industry journals;
- Enrolling on educational programmes;
- Publishing an article or book on a relevant topic; and
- Preparing for an information security qualification.
What jobs can I get with a CISSP qualification?
The CISSP qualification is suited for mid- and senior-level managers who are working towards, or have already attained, senior information security positions.
Some of the most common jobs for CISSP-qualified individuals are:
- Information security manager;
- Information security analyst;
- Chief information security officer;
- Security architect; and
- Security engineer.
Which is better, CISSP or CISM®?
If you’re looking to gain an information security qualification, you might be weighing up the pros and cons of CISSP and CISM (Certified Information Security Manager).
There’s no right answer as it ultimately depends on your skills and the type of job you want.
CISSP is generally preferable for those who are interested in the technical side of information security, whereas CISM is better for those looking to become managers.
Some people might benefit from gaining both qualifications. In that case, we’d recommend taking CISSP first.
How do I get my CISSP endorsement?
To become a qualified CISSP, your application must be endorsed by an (ISC)2 professional. This person must be:
- Capable of attesting to your professional experience; and
- An active member of (ISC)2.
You may know someone professionally who meets those criteria, but if not, (ISC)2 can act as your endorser.
How do I prove my CISSP experience?
Your endorser will research whether you meet the requirements to become a CISSP, including whether you have the necessary experience.
If it’s someone you work with, they can simply verify your job role and how long you’ve been doing it. If your endorser can’t attest to this, they will speak to your line manager, HR department, customers and vendors for evidence of your claims.
Pass the CISSP exam with IT Governance Europe
If you’re ready to start preparing for the CISSP exam, take a look at our CISSP Accelerated Training Programme.
This crash course teaches you everything you need to pass the exam in just five days. You’ll be guided by an industry expert with a track record of helping candidates pass the exam.