CISSP Certification. Is it worth it?

CISSP Certification. Is it worth it?

Henry Dalziel | CISSP, ISC2 | January 21, 2013

Right, first off the bat, here is our “happy to state” disclaimer: we are a CISSP authorized training partner and we are proud of it! OK! Sounds good, but does that mean that we can offer a balanced blog post on whether or not CISSP is worth it? The answer is yes because of, amongst other things, personal reasons. The founders of Concise Courses spent considerable money on their own education and most of it we feel was overpriced and frankly, didn’t really do us any favors.

Why should CISSP be any different?
One quick way of making this argument easy is by saying: if you feel that CISSP is a waste of time, then don’t do it! Several of our Hacker Hotshot presenters have spoken about the demand in the market place for hiring security professionals and truth be said, many of them have split opinions on whether or not information security certifications are worth getting.

If you think that CISSP is a waste of time then let us agree on one thing please! That is: “the demand for capable infosec professionals has never been higher and it isn’t going to decrease any time soon.” Would you agree? If you agree say aye! Good! I heard many ayes! Now here is the thing, if you agree that there is massive demand for information security experts then surely getting a job will be easy? Well. Kinda.

Human resource departments up and down the USA have got it into their heads that CISSP is the big daddy of information security certifications, and being qualified means that you can “prove” that you are competent. To an extent HR is correct in giving CISSP credit because after all, passing the course is no easy “guaranteed” task. In order to secure the certification, you MUST have five years of infosec experience (or four years with a previous certification) and endorsement from another CISSP member. You must also correctly answer 70 percent of a 250-question multiple-choice test. The certification must be renewed every three years with continuing education.

If you accept that Human Resources look for CISSP designations then get CISSP certified. In the process of taking the course you will learn new skills, brush up on old ones and even identify new areas of interest that might lead to new opportunities. Also there is also the networking factor.

Our point is this: if you are looking for a job or are looking to start a career in information security, and if you agree that HR look for CISSP qualified candidates (or at least that they put those applicants on the good CV pile) then why not do it? Yes, it is expensive for most people especially if they are self-funding but that is another discussion – a counter-argument could be that getting certified is an investment for your future. There are 76,000 active CISSPs worldwide and 3,250 who took the test last December 2012 – surely those 76,000 people can’t all be dummies?

Now if you stumbled across this post and are new to the security field then why not take a look at the other security certifications out there that “compete” with CISSP. “Compete” is probably the wrong word because the other infosec qualifications have less stringent entry criteria and CISSP is positioned as a higher certification.

Final thought: we want to help you get a job and help your career. If you feel that CISSP will help your career then go for it and all the more power to you! Let us leave you with this quote:

“Anyone who stops learning is old, whether at twenty or eighty. Anyone who keeps learning stays young.” Henry Ford

We have a service whereby you can yourself to see if you would do well in a CISSP exam. If you are interested in testing yourself for free test just register for our CISSP info pack and we’ll send you your log in details right away!

  • wissam

    ready to test

  • Julian

    The only problem ( in my opinion ) of CIISP is what or you have someone what endorse you knowledge and you can prove much experience in security or simply not worth nothing and you ‘ve spent much money for nothing.

    A greeting

  • Jo

    I personally think its not worth it. I did it not long after i completed my MSc hoping it will help my chances of getting a job, but since Nov 2012, it has fetched me nothing. I regret paying for it

    • It’s the age-old discussion over whether a security certification helps your career or not – I really think it depends. Maybe your CISSP will actually help you in a few years time – for example getting a contract or a job that ‘requires’ the CISSP designation. Remember that a lot of HR (that are not security folk) consider CISSP to be the ‘gold standard’ and ultimately if they are issuing contracts based on applications having the cert then yes – it will be a good thing.

  • Khan

    if we enroll in it what type of certificate we will get – official or Concise?

Leave a comment or reply below...thanks!