The U.S. Government and Corporate America have been sounding the alarm bell for years:
There is quite a significant shortage of skilled security professionals in this country. Although numbers of candidates would be varying among various sources, it is safe to say that the U.S. is going to lack upwards of 350,000 security professionals as of the year 2017, and the global shortfall for such jobs is expected to reach about 3.5 million by the year 2021. Almost every day, around 10,000 positions are going to be available on U.S. job sites that request a CISSP.
The CISSP which is the abbreviation of Certified Information Systems Security Professional is a considered to be a seasoned employee or consultant, usually with a title like Security Manager, Chief Information Security Officer or Security Analyst, just to name a few. This person would going to be on the job for five or more years, and would also be having the thorough knowledge of the IT threat landscape, including emerging as well as advanced persistent threats, and controls and technology in order to minimize attack surfaces. A CISSP would also be going to create the policies that would set a framework for proper controls and can perform or oversee the risk management as well as software development security.
Here is what you would be needing to become a CISSP through (ISC)2:
- Obtain Five Years of Security Work Experience:
You should be able to show proof of five paid full-time years of work experience in at least two of the eight domains of CISSP Common Body of Knowledge (CBK), which are Asset Security, Identity and Access Management, Security Engineering, Communications and Network Security, Security and Risk Management, Security Operations, Software Development Security and Security Assessment and Testing. On-the-job experience is considered to be crucial for both the exam and the certification process.
- Passing Score and Exam Cost:
The candidates are going to complete the CISSP exam with a minimum score of 700 out of 1,000. The exam is going to have six hours long and also going to include a mixture of multiple-choice and advanced innovative questions. It would again cost you about $699. The (ISC)2 CISSP webpage offers the candidates the exam outline as well as a link to a Study App which would be available through the App Store and Google Play just for about $10. You could also obtain the official textbook and also would be testing your knowledge with CISSP Flash Cards. You are also going to need self-study materials, (ISC)2 and a lot of third parties are also going to offer CISSP in-class and online training. Training costs would be varying widely, but the online self-paced course would be costing about $2,750 through (ISC)2. So, if you are looking for such courses, you could gain training courses which are provided by the SPOTO.
- Get Endorsed to Become a CISSP:
Once you have completed the CISSP exam, you will then have to subscribe to the (ISC)2 Code of Ethics and complete an endorsement form in order to become a CISSP Credential Holder. The endorsement form must be signed by another (ISC)2 certified professional who would be able to verify your professional work experience. You should also submit the completed form within nine months of passing your exam in order to become fully certified because passing the exam which doesn’t automatically going to grant you certification status.
After you become fully certified, you would have to maintain your credential by recertifying it every three years. CISSPs are required to pay a maintenance fee during the three-year cycle which per year is about $85 ($255 total). They would then have to submit 40 CPE (continuing professional education) credits each year, for a total of 120 CPEs. For more training, you should join the SPOTO and gain courses offered by them.