Ready to Start Your Career?
October 3, 2019
When Should IT Pros Take CISSP Training?
October 3, 2019
Security experts are in demand as organizations look to bolster their ranks; current predications suggest a shortfall of nearly 1.5 million trained professionals over the next few years.And despite employer efforts from booming salaries to new post-secondary programs supply can’t keep up1. This creates a unique opportunity for technology staff: With the right qualifications, they can rise quickly through corporate ranks and land the IT job they’ve always wanted.
What is CISSP?The CISSP certification is nearly 30 years old but remains relevant across organizations and industries. Why? It prioritizes comprehension of key technical controls, proficiency in vital security skills, and the ability to manage infosec teams at scale. The critical trifecta needed for IT professionals to design, evaluate, and implement essential security frameworks and defend businesses against emerging threats.As noted by Dark Reading2, this certification is often viewed as a “necessary benchmark” for careers and is used by C-suite members and HR staff to create shortlists of potential infosec candidates. Combined with the NIST NICE initiative which highlights key links between specific cybersecurity skills and key IT positions, CISSP certification offers substantial value for both IT professionals and prospective employers.
Experience and ExpectationsWhile CISSP certification offers career advantages, it’s not a qualification that lends itself to completion after your first job in IT.To earn this designation, candidates must have five years of cumulative paid work experience across at least two of the CISSP common body of knowledge domains, which include:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security and Assessment Testing
- Security Operations
- Software Development Security
Training for CISSPCISSP has earned a reputation as the “gold standard” of operational security certifications. As a result, the exam is both complex and in-depth, containing multiple choice and written questions designed to test your knowledge of key processes, controls, and management skills.Here, training courses offer a way to shore up any knowledge gaps and ensure you’re fully prepared to take on the CISSP exam. If you can convince managers to part with some of their limited IT budgets, you can opt for in-person courses. These courses often carry substantial price tags and offer high-volume information delivery over several days of class.Free resources are also available in the form of an online CISSP training course that let you tackle critical concepts at your own pace. Need more help? Upgrade to premium experiences that include virtual labs and practice tests to ensure you’re on the right track to success.
Forging Your Own PathWhile CISSP offers big benefits for IT pros and is a top priority for many C-suite executives looking to hire infosec experts, it’s not an entry-level certification. The depth of knowledge and experience required to complete the exam and earn the CISSP designation successfully make it a long-term goal rather than a short-term victory.But just because you can’t achieve CISSP certification right out of the gate, it doesn’t mean you’re out of infosec options. To help forge your path in IT and open career options along the way, consider alternatives such as:
- Systems Security Certified Professional (SSCP) — This entry-level certification is designed for IT pros with one year of security experience across at least one domain of common knowledge.
- Certified Cloud Security Professional (CCSP) — If you have an interest in cloud security and want to broaden your knowledge base on the way to CISSP certification, CCSP is a great starting point. While this qualification is cloud-focused, the increasing reliance on cloud-based resources and systems makes it an asset for any security professional.
- CompTIA Security+ — Just getting started with your cybersecurity career? Not sure where your infosec interests lie or where you excel in IT defense? Start with Security+, designed to help IT pros develop the skills they need to deploy and manage effective security controls.