(ISC)2 Certified Information Systems Security Professional (CISSP) Winner Winner
Known as the gold standard of information security certifications, the rigorous Certified Information Systems Security Professional (CISSP) was the first information security certification accredited to ISO/IEC Standard 17024. The CISSP is a globally recognized standard of achievement and provides an objective measure of mastery. It requires at least five cumulative years of direct, full-time work experience in two or more of the 10 domains of the CISSP common body of knowledge (CBK), or four years of work experience and a four-year college degree or a master's degree in information security. To ensure the credential's rigor, seasoned subject matter experts update exam content quarterly. CISSP holders are required to obtain 120 continuing professional education (CPE) credits every three years, with a minimum of 20 quality CPEs posted during each year of the three-year certification cycle. This ensures that CISSP-certified professionals are keeping up with the latest threats and solutions, critical in this dynamic field.
The CISSP is often a requirement for jobs in the public/private sectors worldwide. A CISSP candidate must demonstrate a breadth of knowledge and experience and understand the full spectrum of the (ISC)2 CBK, which covers critical current topics, including cloud computing, mobile security, application security and risk management.
In addition to the required five years of relevant work experience in two or more of the 10 CBK domains, CISSPs must also adhere to the (ISC)2 code of ethics, be endorsed by a current (ISC)2 member, and undergo continuing education to keep the certification current. By meeting these requirements, employers can rest assured that when they hire a professional who holds the CISSP, that person has demonstrated comprehension of industry best practices, made an investment in the field, and a commitment to ethical conduct.
Obtaining a CISSP offers a career differentiator, with enhanced credibility and marketability, as well as access to a professional community and valuable resources, such as publications, free continuing education, networking and peer collaboration. It also leads to career advancement and increased earnings. The "2011 (ISC)2 Global Information Security Workforce Study" found that certified professionals commanded a 25 percent average higher salary than non-certified respondents.
CISSPs can pursue concentrations in management, architecture and engineering. These concentrations allow CISSPs to demonstrate specializations on functional areas of importance. To qualify, the CISSP must maintain their credential in good standing and pass appropriate concentrations exams, each having its own set of CBK domains. Obtaining these concentrations can provide a career path that opens up a new realm of possibilities for more demanding roles in larger enterprises, more educational opportunities and specialized certifications that recognize the talents of the individual.
Programs are defined as professional industry groups offering certifications to IT security professionals wishing to receive educational experience and credentials. Entrants can include organizations in the industry granting certifications for the training and knowledge they provide.