CISSP – Certified Information Systems Security Professional Certification
The Certified Information Systems Security Professional (CISSP) is an advanced-level certification for IT pros serious about careers in information security. Offered by the International Information Systems Security Certification Consortium, known as (ISC)2 (pronounced “ISC squared”), this vendor-neutral credential is recognized worldwide for its standards of excellence.
CISSP credential holders are decision-makers who possess expert knowledge and technical skills necessary to develop, guide and manage security standards, policies and procedures within their organizations. The CISSP continues to be highly sought after by IT professionals and is well recognized by IT organizations. It is a regular fixture on most-wanted and must-have security certification surveys.
The CISSP is designed for experienced security professionals. A minimum of five years of experience in at least two of (ISC)2’s eight common body of knowledge (CBK) domains, or four years of experience in at least two of (ISC)2’s CBK domains and a college degree or an approved credential, is required for this certification. The CBK domains are security and risk management, asset security, security architecture and engineering, communications and network security, identity and access management, security assessment and testing, security operations, and software development security.
(ISC)2 also offers three CISSP concentrations targeting specific areas of interest in IT security:
- Architecture (CISSP-ISSAP)
- Engineering (CISSP-ISSEP)
- Management (CISSP-ISSMP)
CISSP concentration exams are $599 each, and credential seekers must currently possess a valid CISSP.
An annual fee of $85 is required to maintain the CISSP credential. Recertification is required every three years. To recertify, candidates must earn 40 continuing professional education (CPE) credits each year for a total of 120 CPEs within the three-year cycle.
CISSP facts and figures
|Certification name||Certified Information Systems Security Professional (CISSP). Optional CISSP concentrations include: CISSP Architecture (CISSP-ISSAP), CISSP Engineering (CISSP-ISSEP), CISSP Management (CISSP-ISSMP)|
|Prerequisites and required courses||At least five years of paid, full-time experience in at least two of the eight (ISC)2 domains or four years of paid, full-time experience in at least two of the eight (ISC)2 domains and a college degree or an approved credential. Agree to the (ISC)2 Code of Ethics. Submit the CISSP application. Complete the endorsement process.|
|Number of exams||One for CISSP (English CAT exam: 100-150 questions, three hours to complete; non-English exam: 250 questions, six hours). One for each concentration area|
|Cost of exam||CISSP is $699; each CISSP concentration is $599|
|Self-study materials||A variety of training materials is available, including instructor-led, live online, on-demand and private training. An exam outline is available for candidate review, as well as study guides, a study app, interactive flashcards and practice tests.|
Certified Information Systems Security Professional (CISSP) training
Given the popularity of the CISSP certification, there is no shortage of available training options. These include classroom-based training offered by (ISC)2, as well as online video courses, practice exams and books from third-party companies.
Pluralsight’s CISSP courses include 18 courses and 33 hours of e-learning that cover the security concepts required for the certification exam. Current courses include business continuity management, information classification, investigations and incident management, security controls and framework, communications and network security, cryptography application, risk and asset management, security architecture, security engineering, security management, personnel security, physical (or environmental) security, and more. Available for a low monthly fee, the CISSP courses are part of a subscription plan that gives IT professionals access to Pluralsight’s complete library of video training courses.
When you’re ready to test your security knowledge, you can take a simulated exam that mimics the format and content of the real CISSP exam. Udemy offers a CISSP practice exam to help you prepare for this challenging exam.