Certification for Information System Security Professional (CISSP) is a vendor-neutral certification contemplating the qualifications of information security professionals with a purpose of measuring of competence as well as a globally accepted standard of achievement. CISSP certification means the information security professional proves a working knowledge of information security, confirms dedication to the profession, and sets out a standard of best practices.
CISSP Certified is “a virtually necessary ceremony of passage within the profession of information security specialists and a mandate for a lot of superior roles in the career.” A lot has modified within the security certification panorama over the intervening two years. However, They stand by their evaluation in the present day.
Simply sheer numbers, the CISSP continues to thrive. There have been simply over 131,180 CISSP credential holders worldwide. That’s a minimum of 12% progress in the course of the time frame that some confirm the CISSP was declining as far as certification.
The variety of newly minted CISSPs is probably going even greater than the 12,000 these numbers point out, in the event to imagine that some CISSP holders retired from the energetic workforce, handed away, or just determined to not renew their certifications.
In the event you’re a mid-level data security professional, then you must nonetheless take into account the CISSP an important step in your profession improvement. Whereas the content material on the examination has advanced over a previous couple of years, the CISSP stays a vital qualification for a lot of higher-level cybersecurity positions.
What’s New with CISSP?
The CISSP underwent a serious overhaul in April 2017 that modified the construction of the examination and its content material. The 10 domains of data security acquainted to generations of cybersecurity professionals have been reorganized and changed with a consolidated record of eight domains:
-
Security and Risk Management
-
Asset Security
-
Security Architecture and Engineering
-
Communication and Network Security
-
Identity and Access Management
-
Security Assessment and Testing
-
Security Operations
-
Software Development Security
The brand new domains embrace just not only a lot of the material discovered on the CISSP examination but additionally incorporate some main new areas of information, together with an elevated concentrate on security evaluation and expanded protection of present scorching subjects within the subject, together with cloud security and cellular gadgets.
Candidates must have a broad vary of data throughout the 8 domains of knowledge security, however, will discover that the check doesn't go into a deep element on any particular technical subject. That’s the realm of different security certification packages.
The exam itself stays much like previous reviews. Candidates may have six hours to finish a 250-question examination. The overwhelming majority of questions on the test are multiple-choice questions primarily based upon brief eventualities or particular factual information.
Every examination may also embody some specific format issues that (ISC)² characterizes as being “revolutionary” in format: drag-and-drop and hotspot questions. The drag-and-drop questions usually ask the candidate to pick out all the gadgets from a listing that apply to a given query and drag them to a solution space.
The hotspot questions usually ask candidates to establish a part or location on a diagram accurately. These questions don’t require particular data of any expertise platform and usually are not interactive in the sense that candidates usually are not requested to configure programs or enter command syntax.
CISSPs On the Job Market
Maybe a very great cause to earn the CISSP credential is the truth that, regardless of rumors on the contrary, it nonetheless reigns supreme on the job market. Job descriptions for information security professionals and leaders name out the CISSP by identify, requiring it as a fundamental qualification for a lot of positions within the subject. Human Sources departments usually use the CISSP as a screening situation for positions within the area and easily is not going to move alongside resumes that don’t meet this preliminary hurdle.
Demand for certification holders is high, and is only going to grow stronger. Consider what the US Bureau of Labor Statistics has to say about the outlook for information security analysts (just one of the many subsets in the wider world requiring CISSP certification). According to the BLS:
-
Annual median pay of over $115K
-
Expected to grow by 18% between 2014 and 2024, which is rated as “much faster than average
Now, certain, it’s simple to quibble with these numbers. Sure, there are in all probability data security positions that don’t comprise the key phrase “information security” within the job posting. It’s additionally doubtless that lots of the postings that included the key phrase “CISSP” talked about it as a most popular qualification somewhat than a requirement or included it in an inventory of fascinating certifications.
A vital profession cornerstone
CISSP certification alone isn’t sufficient to land you a dream job. However, neither is a university diploma, associated work expertise, or superior social abilities. As with all job qualification, CISSP certification is solely a part of a whole-person mosaic that hiring managers consider as they whittle down their pool of candidates.
Earning your CISSP demonstrates a broad base of information throughout the information Security subject mixed with a dedication to the career backed by real-world expertise. The foremost distinction between the CISSP and various job necessities is that it's a clear, straightforward screening standards that HR departments can apply when awash in purposes for a single place. When you lack these initials after your title, it's possible you'll end up screened out earlier than a hiring supervisor even seems to be at your resume.
In case you fulfil the CISSP’s expertise requirement, it’s a good suggestion to crack open the books, examine up and take the CISSP examination. Including the CISSP certification to your resume indicators to employers that you simply critical about cybersecurity.