If this question has been hovering in your mind lately, you have to give it a serious and objective thought. The fact is that the answer to the question of whether you should obtain the CISSP credential or not largely depends on a lot of factors. Your career goal is one of such factors. To help you make an informed decision on whether to go ahead to earn the certification or opt for another one, we have highlighted some critical factors that you need to consider.
Before going into this, it is crucial to mention that the job roles that require the CISSP certificate are generally lucrative. Depending on your location, you can earn as high as six figures remuneration per annum with this IT certification. If you are a resident of the United States, it might please you to know that there is a high demand for the security professionals in the country. According to the report, there will be about two million additional security jobs that require the specialists to take them up by the coming year. The implication of this is that there are great opportunities that the certified CISSP professionals can explore. Below are some factors to consider in relation to earning the CISSP credential.
Work Experience
This is very important when it comes to pursuing the CISSP credential. There is a rule that you cannot pursue this certification if you are an entry-level professional in the field of security. It has nothing to do with your chance of success in the exam or your level of brilliance. Your years of work experience are the key. To pursue the CISSP certificate, the test takers must have at least five years of experience to be able to take the exam in the first place. Now, the fact that you cannot pursue CISSP doesn’t mean you cannot start the security certification path. For instance, you can achieve the Associate of (ISC)² status by passing the CISSP test. It opens you up to wide career resources as well as to a networking group. As an Associate, you can earn your CISSP certificate in six years by completing 5 years of work experience and fulfilling the CPE (Continuing Professional Education) requirements.
Consideration of Alternative Paths to CISSP
For the individuals trying to get their first security role in the field of IT, earning the CISSP certification is not the best idea. Instead, you should consider the credentials that certify your fundamental knowledge and skills in the realm of security. For example, there are two certification tests that this group of professionals can take to earn the entry-level certificates: CompTIA CySA+ and CompTIA Security+.
CompTIA CySA+ is an ideal certification for new specialists in the field of IT. The credential is designed to bridge the gap between the skills required for CompTIA Security+ and CompTIA Advanced Security Practitioner (CASP). This certificate is a step ahead of Security+ and it validates basically everything you would have learnt in the first four years of your work as a security professional.
CompTIA Security+ is another great alternative for the entry-level specialists. It is a cybersecurity certification that requires the candidates to pass the SY0-501 exam that comes with 90 multiple-choice questions before obtaining it. The test validates the knowledge necessary for optimal functioning in the field of security and IT in the first year of your professional work experience. The students have 90 minutes to complete the certification exam.
After attaining any of these credentials, you can proceed to earn CISSP. The good news is that if you obtain one of two, it stands for one year of experience in the industry.
CISSP is Ideal for Government Job Roles
If you are considering taking up a security job role in the government, the CISSP credential is an excellent choice. This is because it fulfills the DoD Directive 8570.01-M prerequisites. The government employees have four tiers of a certification baseline. They include Information Assurance Technical, Information Assurance Management, Information Assurance System Architect & Engineer, and Cybersecurity Service Provider. CISSP is a strong option for the professionals in the IT industry.
Recertification Requirements
Before you pursue CISSP, you must know that you are required to recertify it every three years to maintain your certification status. You need to earn some CPE credits to be able to recertify. You can relax; it doesn’t require a serious effort to earn these credits. You only need to do what you are meant to do as a professional. According to the (ISC)² Continuing Professional Education Handbook, the candidates can earn their CPE through the following means:
- Reading a book, a whitepaper, or a magazine;
- Writing and publishing an article, a whitepaper, or a book;
- Attending conferences, seminars, presentations, or educational courses;
- Self-study as it relates to exam preparation or research for a project;
- Preparing for teaching or presentation of information relating to information security;
- Taking a higher academic course;
- Volunteering for the public sector, the government, or other charitable enterprises.
You need to submit at least 90 Group A CPE credits and an additional 30 Group B CPE credits in order to maintain your CISSP certification. Thus, you need to obtain 120 credits in total. Each credit is equal to one hour spent learning something new in the field. It is important to mention that on-the-job activities do not count towards the CPE credits. It has to be an additional learning process. To get 90 credits in three years, you can strive to achieve an average of 40 CPE credit hours per year. You can achieve this by taking part in the abovementioned activities.
Conclusion
Indeed, earning the CISSP credential is largely dependent on your work experience, professional goals, and your industry. You should give serious consideration to these things before you make a move to earn the certification. In case you are not qualified to earn CISSP due to any of the above-mentioned factors, there are many options that you can consider pending the time you are qualified to take the certificate.
