Certified Information Systems Security Professional. Steps to Become One.
How to become a Certified Information Systems Security Professional: that’s exactly what I’ll be showing you in this article. The Certified Information Systems Security Professional (CISSP) is an independent information security certification established by the International Information System Security Certification Consortium, also known as (ISC)².
As of December 31, 2018, there were 131,180 (ISC)² members holding the CISSP certification globally, in about 171 countries, with the United States having the highest member count at 84,557 members.
In June 2004, the CISSP designation was accredited under the ANSI ISO/IEC Standard 17024:2003. It is also officially approved by the U.S. Department of Defense (DoD) in both its Information Assurance Technical (IAT) and Managerial (IAM) categories for its DoDD 8570 certification requirement.
How to Become a Certified Information Systems Security Professional (CISSP)
1. Obtain Five Years of Security Work Experience
One important requirement for becoming a CISSP is that you must be able to present evidence of five years of paid, full-time work experience in at least two of the eight CISSP CBK (Common Body of Knowledge) domains, which are Security and Risk Management, Asset Security, Communications and Network Security, Security Engineering, Identity and Access Management, Security Assessment and Testing, Security Operations, and Software Development Security. On-the-job experience is crucial for both the exam and the certification process.
2. Prepare For and Pass the CISSP Exam
Pass the CISSP exam with a score of at least 700 out of 1,000. The exam is six hours long and consists of a mix of multiple-choice and advanced innovative questions.
The exam fee is $699. The (ISC)² CISSP webpage offers a download of the exam summary as well as a link to a Study App (available through the App Store and Google Play for about $10).
You can also get the formal textbook and test your knowledge with CISSP Flash Cards. If you need more than self-study materials, (ISC)² and many third parties offer CISSP in-class and online training.
Training costs vary widely, but the online self-paced course costs $2,750 through (ISC)². In-class training will cost appreciably more. Before scheduling your exam with Pearson VUE, go over the background qualifications, which might exclude you from sitting for the exam.
3. Get Endorsed to Become a CISSP
Once you’ve passed the CISSP exam, you’ll have to subscribe to the (ISC)² Code of Ethics and complete an endorsement form to become a CISSP. The endorsement form must be signed by another (ISC)² certified professional who is able to verify your professional work experience. Passing the exam doesn’t automatically grant you certification status: you must submit the completed form within nine months of passing your exam to become fully certified.
After you become fully certified, you’ll have to maintain your credentials by recertifying every three years. CISSPs are required to pay an $85 maintenance fee each year of the three-year cycle ($255 total). They must also submit 40 continuing professional education (CPE) credits each year, for a total of 120 CPEs.
How To Prepare for the CISSP
CISSP professionals should be able to explain issues such as architecture and access control for protecting information system assets. To explain these issues to clients and other stakeholders, the analyst must know how to assess the business or organization’s current operations policies for incident response and recommend improvements to its security to those concerned.
As part of the communication process, security analysts must compare and contrast different cryptographic protocols and be able to make recommendations based on this analysis of security needs.
Creating systems of policies, standards, procedures, and guidelines with clients and stakeholders in mind should be the end goal of a CISSP analyst who earns certification. In terms of technical knowledge, CISSP analysts must demonstrate proficiency in a number of areas. One is network architecture and design: being able to implement a network architecture that anticipates threats and makes the best use of sometimes limited resources.
Another is a clear understanding of security effectiveness across the software application life cycle. CISSP analysts should also have the ability to collect digital forensic evidence while maintaining the integrity of the evidence gathered. They must also demonstrate knowledge of physical security systems and how they add value to network security systems.
Reasons You Should Consider Adding a CISSP Certification to Your Accomplishments
1. Universally Recognized
The CISSP credential is a valued certification for most professionals and is highly respected by a majority of large global companies, such as Google, P&G, and IBM. These organizations attest to the fact that the CISSP certification demonstrates an individual’s working knowledge of information security and commitment to their profession.
The US ISSEP has adopted this certification as a baseline for the NSA. And multiple sources have confirmed the CISSP certification as being one of the most recognized certifications in the IT industry.
2. Immense Popularity
(ISC)² reports from May 2014 indicate that over 93,391 individuals have attained the CISSP credential in over 149 countries worldwide. Since its inception in 1989, the CISSP has been the most popular IT security certification for over two and a half decades.
As the oldest IT security certification in the world, the CISSP certification is considered the grand-daddy of certifications and has had almost three decades to develop, resulting in a vast body of know-how and expertise.
CISSP professionals earn a worldwide average salary that is 25% more than that of their non-certified counterparts. The average salary for a female CISSP falls between $73,627 and $111,638, while the average salary for male CISSP professionals is between $78,788 and $119,184, making this the highest-paying credential in the IT industry.