Ready to Start Your Career?
August 22, 2018
CISM Certification: What’s the Benefit, and Why Does it Matter?
August 22, 2018
August 22, 2018
Get CISM Certified: The benefits and meaningThere aren’t enough information security professionals to go around. That’s the word from a recent ISACA report, which found that 60 percent of organizations had open security positions which took on average three months to fill.For job-seekers looking to break into the infosec market or upgrade their existing security career, this seems like a golden opportunity. The caveat? It’s not limited budgets that keep companies from hiring new information security pros — it’s lack of skills.Breaking out of front-line work and into infosec management now means finding the right combination of on-the-job training and recognized certifications. But with so many certifications and courses now available, what’s the best way to jump-start an infosec management career? CISM certification. Here’s why.
What is CISM?Certified information security manager certification is an advanced program designed for IT pros with the knowledge and experience to develop and manage information security programs. Often, technology professionals have been doing this job for months or years without any formal title or recognition and may be looking to move up in their own organization or apply for new jobs elsewhere.CISM is one of the most popular infosec certifications available and is accredited by ANSI under ISO/IEC 17024:2003. Achieving the certification requires the successful completion of a 200-question multiple choice exam that covers information security management, risk management, security program development and security incident management. CISM exams are administered three times a year and are valid for three years after successfully completing the exam. In addition, successful candidates must agree to the CISM code of Professional Ethics. Qualifications for taking the exam include five years of infosec experience and three years of management experience gained within a 10-year period prior to the application date. While any IT pro with enough experience can pay the fee and write the exam, CISM training courses help prepare applicants for common challenges and reduce the likelihood they’ll have to retake the exam.
Why Does it Matter?With so many infosec professionals already doing management work and gaining the expertise necessary to develop information security systems, why does the CISM certification matter?
- Validates Experience
- Improves Autonomy
- Enhances Compliance
How Will it Benefit My Career?Equipped with CISM certification, how can IT pros expert their career to improve?Better compensation tops the list — as noted by the Infosec Institute, top-tier CISM-certified professionals command salaries of more than $200,000. In addition, this certification lets professionals move up more quickly in their own organization or ask for written changes to their job description which reflect their new expertise. The certification also benefits IT managers looking to change jobs or shift into other industries. As noted above, limited skillsets are the limiting factor when it comes to infosec hiring; staff with the right qualifications will quickly get noticed by IT recruiters and can use that interest to either switch jobs or demonstrate to current employers that a re-evaluation and benefits are in order.
Earning CISMInformation security managers fill a critical role in a company’s infosec strategy. Not only are they in charge of shoring up the existing defense, ensuring compliance and implementing new security tools, they’re also responsible for ensuring that infosec initiatives align with large-scale business objectives.Bottom line? This management-level certification can be challenging to obtain but provides significant benefits for IT professionals looking to move up in their current organization or discover a new career opportunity.
TL;DR:Certified information security manager certification is an advanced program designed for IT pros with the knowledge and experience to develop and manage information security programs. Achieving the certification requires the successful completion of a 200-question multiple choice exam that covers information security management, risk management, security program development and security incident management. With so many infosec professionals already doing management work and gaining the expertise necessary to develop information security systems, why does the CISM certification matter? The CISM certification effectively codifies this experience — instead of companies having to track down, sources for experience earned or skills demonstrated, CISM certification establishes up-front that infosec staff is management material who have put in the work to earn this designation.
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry