What is CISSP – Concepts, Eligibility Criteria and Pluses Associated?
CISSP or Certified Information System Security Professional is a globally recognized certification offered by ISC2 (International Information Systems Security Certification Consortium. The certification confirms the candidate’s ability and expertise in all fields of information security. These are the professionals who are better capable to define the design, architecture, controls and management of highly secure business environments. CISSP was the first certification ever in this field and levies stringent standards of ISO/IEC 17024.
As per reports till November 2013, only 90,198 professionals hold the CISSP certification worldwide (149 countries). The exam has an 80% failure rate. The CIISP certification is ANSI ISO/IEC 17024:2003 accredited and as such is an international standard. It is also approved by the U.S Department of Defense in both the Information Assurance Managerial (IAM) and Information Assurance Technical (IAT). It is regarded as the base line for U.S. National Security Agency ISSEP program.
What is the CISSP Concept?
The CISSP constitute various topics under the Information Security studies. The final examination is based upon a Common Body of Knowledge (CBK) – a taxonomy or collection of relevant topics for IS security professionals worldwide. The CBK is a large framework of terms and principles allowing professionals worldwide to debate discuss and solve situations relevant to common understanding. The exam 10 different areas under information security including:
- Access Controls System and Methodology
- Systems and application security development
- Disaster recovery and business continuity plans
- Investigation laws and ethics
- Security models and architectures
- Physical security
- Best management practices
- Networking and telecommunications security
- Operations security
A six hour long exam, candidates will have to attend 250 questions. Cracking the CISSP exam is a tough ask but for those who qualify, there is a completely turnaround in their career.
What is CISSP Eligibility?
CISSP Eligibility: Candidates looking to sit for the CISSP exams must have 5 years of cumulative full time work experience in two or more domains required under the ISC2 CISSP CBK. ISC2 also provides a 1 year professional experience waiver if the candidate possesses a four year college degree in the same field, its regional equivalent or educational eligibility as recognized under the ISC2 list. This way candidates will require a minimum of four years of paid work experience in any two (or more) of the aforesaid domains.
Candidates without the experience can also sit for the exam but they won’t be rewarded the CISSP tag. They will need to earn the required 5/4 years of experience in the next 6 years before they can use the CISSP credential. In this duration, the candidates will be given an Associate of ISC2 certification.
Here is a sample video that takes you through introduction to Introduction to CISSP Certification. Hope you find it beneficial:
What are the advantages of CISSP certification?
Being recognized by ISC2 is in itself an honor and says a lot about the professional you are. Every business, right from the national defense to online shopping is susceptible to security threat. A CISSP certification means that you have the education, backing, networking and support systems to fight the treads heads on. It’s a prestigious job and of high concern to the employer. Inevitably, employers are willing to pay huge for the right candidate.
- Better risk management – CISSP professional are updated to international regulatory standards like GLBA, HIPAA, SOX, FERPA, FISMA, DoD Directive 8570.1 etc., the insurance requirements ensure that all the emerging and evolving security threats are met with well equipped and experienced professionals. CISSP candidates are supposed to be highly knowledgeable in all grounds of information system security and controls.
- Human resource – Independent evaluation by expert professionals will only mean that the best skill set and experience is being used to counter a security threat. Organizations know that CISSP professionals are the best bet when it comes to security. The ISC2 standards require professionals to have measurable knowledge, defined skill sets and categorized experience.
- Organizational marketing – For companies that employ CISSP professionals, they have all the reason to market the high standards of security systems that are put in place. Customers too understand the importance of ISO standards and it becomes easier for the business to attract clients and customers. The service makes sure that the customer is impressed.
- Quality employees – CISSP certified professionals come with a high breadth of knowledge. They are generalists with specialties in various domains of IT security.
- Get paid – Salary is not an issue with CISSP certified candidates. Market surveys have revealed that CISSP certified candidates are the highest paid in the IT industry. The median income of a CISSP certified professional is around $95,155 as per the SANS. IDC also suggests that with increasing threats to security systems, businesses are willing to pay much more for the right candidate and the growth rate of a CISSP’s salary has clearly outpaced every other sector. A certification will always lead to promotions and raises.
- Move around the world – CISSP certified professionals are in great demand across organizations and industries globally. Most modern job postings in security systems prefer a CISSP certified candidate. While this is a globally recognized certification, professionals can look to get a quantifiable job anywhere in the world.
- Recognition – Passing a CISSP is not an easy task. It requires quite a lot of effort and hard work. This is also the reason that there are only about 90,000 certified professionals, worldwide. However, if you do make it through, it would be a high boost to your self confidence. Not to say, you will be highly recognized and respected among colleagues, peers, clients and organizations.
- Security consultant
- Security analyst
- Security manager
- Security systems engineer
- Security auditor
- Director of security
- Chief information security manager
- IT manager/Director
- Network Architect
- Security Architect
A CISSP certification places you among a globally recognized family of networking security professionals. You are a class apart and have full access to a global spectrum of information resources, peer networking, educational tools and industries. Recruiters will look out for you and offer you salaries that would have been ever possible without the certificate. Overall, it changes your life for the good. If you are looking to take your security systems career to its highest level, strive for the CISSP certification.
About the On-Demand Webinar
About the Webinar