When Should IT Pros Take CISSP Training?

By: GarrettsG2

October 3, 2019

Security experts are in demand as organizations look to bolster their ranks; current predictions suggest a shortfall of nearly 1.5 million trained professionals over the next few years. And despite employer efforts, from booming salaries to new post-secondary programs, supply can’t keep up [1]. This creates a unique opportunity for technology staff: With the right qualifications, they can rise quickly through corporate ranks and land the IT job they’ve always wanted.

With rapid growth across the security certifications market, the best path forward isn’t always clear. While designations such as the Certified Information Systems Security Professional (CISSP) offer big benefits for infosec operations, architecture, and engineering careers, is this the best place to start? Here’s what you need to know about CISSP training, necessary experience, and the right time to get certified.

What is CISSP?

The CISSP certification is nearly 30 years old but remains relevant across organizations and industries. Why? It prioritizes comprehension of key technical controls, proficiency in vital security skills, and the ability to manage infosec teams at scale. This is the critical trifecta IT professionals need to design, evaluate, and implement essential security frameworks and defend businesses against emerging threats. As noted by Dark Reading [2], this certification is often viewed as a “necessary benchmark” for careers and is used by C-suite members and HR staff to create shortlists of potential infosec candidates. Combined with the NIST NICE initiative, which highlights key links between specific cybersecurity skills and key IT positions, CISSP certification offers substantial value for both IT professionals and prospective employers.

Experience and Expectations

While CISSP certification offers career advantages, it’s not a qualification that lends itself to completion after your first job in IT. To earn this designation, candidates must have five years of cumulative paid work experience across at least two of the CISSP common body of knowledge domains, which include:
  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security and Assessment Testing
  • Security Operations
  • Software Development Security

A paid or unpaid internship also qualifies as experience, so long as IT pros have official documentation to prove internship status. CISSP certification requires the successful completion of a 250-question exam. Students have three hours to complete the exam and must achieve a minimum score of 700/1000. You can also choose to sit for the exam without the required experience. If successful, you’ll be granted Associate status for six years, during which you must complete the five-year experience requirement to earn full certification.

Training for CISSP

CISSP has earned a reputation as the “gold standard” of operational security certifications. As a result, the exam is both complex and in-depth, containing multiple choice and written questions designed to test your knowledge of key processes, controls, and management skills. Here, training courses offer a way to shore up any knowledge gaps and ensure you’re fully prepared to take on the CISSP exam. If you can convince managers to part with some of their limited IT budgets, you can opt for in-person courses. These courses often carry substantial price tags and offer high-volume information delivery over several days of class. Free resources are also available in the form of an online CISSP training course that lets you tackle critical concepts at your own pace. Need more help? Upgrade to premium experiences that include virtual labs and practice tests to ensure you’re on the right track to success.

Forging Your Own Path

While CISSP offers big benefits for IT pros and is a top priority for many C-suite executives looking to hire infosec experts, it’s not an entry-level certification. The depth of knowledge and experience required to complete the exam and successfully earn the CISSP designation makes it a long-term goal rather than a short-term victory. But just because you can’t achieve CISSP certification right out of the gate, it doesn’t mean you’re out of infosec options. To help forge your path in IT and open career options along the way, consider alternatives such as:
  • Systems Security Certified Professional (SSCP) — This entry-level certification is designed for IT pros with one year of security experience across at least one domain of common knowledge.
  • Certified Cloud Security Professional (CCSP) — If you have an interest in cloud security and want to broaden your knowledge base on the way to CISSP certification, CCSP is a great starting point. While this qualification is cloud-focused, the increasing reliance on cloud-based resources and systems makes it an asset for any security professional.
  • CompTIA Security+ — Just getting started with your cybersecurity career? Not sure where your infosec interests lie or where you excel in IT defense? Start with Security+, designed to help IT pros develop the skills they need to deploy and manage effective security controls.

Take Your Time

CISSP certification remains one of the most sought-after qualifications in cybersecurity. But time and technical skill both matter here — if you’re a professional with at least five years of experience, make this benchmark a priority. If you’re just getting started, consider online training in entry-level designations to help streamline CISSP completion down the line.

References:
1. https://www.tripwire.com/state-of-security/featured/need-cyber-security-professionals/
2. https://www.darkreading.com/why-the-cissp-remains-relevant-to-cybersecurity-after-28-years/a/d-id/1333178