Henry Dalziel | CISSP, Information Security Careers | December 19, 2012
CISSP seems to have more haters than any other information security certification or am I wrong? Is it because the average salary of a CISSP certified professional is over $100,000?
Here is a direct quote from an article regarding CISSP training; taken from a security website (I withheld the name of the poster):
“…The CISSP is considered the gold standard by the people doing HR screening, but it has so little respect among some security folks that they specifically do not want to hire anyone that has it.“
Yup, some aspects of that are true – especially the “gold standard,” – but that’s kinda the point isn’t it? I mean, if CISSP is a standard, then love or it loath it – you might/ and perhaps “should” just do it. What harm can it actually really do? The answer is likely zero harm and to think that some “security folks specifically don’t hire someone with CISSP” is odd and it hints of discrimination against someone who tries to better themselves through education.
Education is good. Welcome it.
Sure – there are aspects of the CISSP Syllabus that are likely to be boring, out of touch or fill in the blank adjective. But think about it and imagine this – sit the CISSP hater down and force them to sit the course and take the examination then ask them if they didn’t learn something new. Chances are that they will have learned something new or at the very least would have brushed up on some skill with which they HAD a deficiency. We are not experts at everything. Period. We all learn something everyday and I am sure that you will learn something by sitting through a CISSP boot camp and getting certified.
If you are embarrassed to have the CISSP designation (as the quote above indicates) then simply rub it off your CV. We encourage you to do the opposite however, heck, wear it as a badge of honor and be proud to have taken time out of your busy schedule to have bettered yourself.
I’m painting a positive picture here: we ought to embrace education. We offer CISSP Online Training and are not ashamed to say so – on the contrary – we are extremely proud to help IT Security professionals better themselves, get certified and employed! If it is a standard then rise and excel within that standard.
Dave Lewis was recently elected to the (ISC)2 board of directors. His election was really the inspiration being this post. Dave, the founder of Liquid Matrix, represents a shift in the dynamics at ISC2 because he is seen as slightly more “risque” than others whom have sat on the board.
Although kinda old now – look at Dave’s three point manifesto – it sums up where CISSP should be heading in the next couple of years:
“If I’m [Dave Lewis] chosen for the Board of Directors here is what I’m aiming to accomplish,
1) I want to work to restore the CISSP exam and it’s place in the community as something to be respected.
2) I want to help bring the (ISC)2 into the wider acceptance in the community and help make it a force for positive change.
3) I want to ensure that the (ISC)2 is representative and accountable to it’s membership…..”
Its awesome that Dave is on the board to breath some life into the organization. We also firmly believe that CISSP certification DOES help boost a security professional’s career prospects. Sure it is not a compulsory certification but if it helps you get that interview which in turn gets you the job which results in your bills being paid – then go for it and all the more power to ya!
Our next CISSP online training boot camps are January 7th, February 5th and March 4th 2013. They all last seven weeks and are on a part-time evening basis; only a few hours a week.