Is the CISSP certification still worth it in 2023?

Taimur Ijlal
5 min read · Jan 22, 2023

Spoiler alert: yes, it is!


The Certified Information Systems Security Professional (CISSP) is the most well known of all cybersecurity certs and is considered the “gold standard” within information security.

These last couple of years, however, have seen a backlash against cybersecurity certs within the wider community, as senior professionals scoff at these “paper certs” which don't tell you anything about how qualified a person is.

It is now considered “cool” not to have a cybersecurity cert.

I do understand SOME of the criticism as a lot of people just become cert factories and do every certification under the sun without any real world experience to back it up.

CISOs and companies are disappointed when they hire a (on paper at least) “certified” person and it turns out he or she is not able to deliver on cybersecurity as they hoped.

In the backlash against certs, the CISSP has also been targeted, which I think is massively unfair as most of the criticism comes from people who do not understand a) what the CISSP is and b) what it tells you about a person.

First, let us take a quick look at what the CISSP is.

The CISSP cert

As per the exam outline itself:

CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.

The CISSP Common Body of Knowledge (CBK) consists of the below eight domains:

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management (IAM)
  • Security Assessment and


