Spoiler alert: yes, it is!
The Certified Information Systems Security Professional (CISSP) is the most well known of all cybersecurity certs and is considered the “gold standard” within information security.
These last couple of years, however, have seen a backlash against cybersecurity certs within the wider community, as senior professionals scoff at these “paper certs” which don't tell you anything about how qualified a person is.
It is now considered “cool” not to have a cybersecurity cert.
I do understand SOME of the criticism as a lot of people just become cert factories and do every certification under the sun without any real world experience to back it up.
CISOs and companies are disappointed when they hire a (on paper at least) “certified” person and it turns out he or she is not able to deliver on cybersecurity like they hoped.
In the backlash against certs, the CISSP has also been targeted, which I think is massively unfair, as most of the criticism comes from people who do not understand a) what the CISSP is and b) what it tells you about a person.
First, let us take a quick look at what the CISSP is.
The CISSP cert
As per the exam outline itself:
CISSP validates an information security professional’s deep technical and managerial knowledge and experience to effectively design, engineer, and manage the overall security posture of an organization.
The CISSP Common Body of Knowledge (CBK) consists of the below eight domains:
- Security and Risk Management
- Asset Security
- Security Architecture and Engineering
- Communication and Network Security
- Identity and Access Management (IAM)
- Security Assessment and…