Is The CISSP Right For Me?

Is The CISSP right for me? Is the CISSP worth it? Or, should I pursue another certification?

Many people have asked me these questions about the CISSP certification. 

Well, the goal of this article is to arm you with the best possible information so that you can make an informed decision about getting Certified Information Systems Security Professional (CISSP) certified.

Is the CISSP right for you? To answer that question, there are 3 things to consider.

It’s no secret that certifications are probably the BEST way to fast-track your security career. 

Certifications take some of the guesswork out of the hiring process and they prove that you have some level of knowledge, skill, or capability.   

But the CISSP has a HUGE advantage over any other certification out there.  More on that in a minute. 

About the CISSP Certification

If you didn’t know this already, the CISSP certification is the premier certification for all information security professionals. 

Since 1994, the International Information Systems Security Certification Consortium – or (ISC)² – has granted over 140,000 CISSP certifications. 

The CISSP was also the very first security certification to become ANSI/ISO/IEC 17024 accredited.  So, it has a long-standing history of proven success.

Is The CISSP Right For Me?

Only if you want to qualify for more job opportunities and higher pay. 🙂

Comparing the CISSP certification to the many other certifications out there, the CISSP beats all of them hands down.  Even the certifications others say are much better.

FACT: The CISSP is in HIGHER demand than any other security certification out there.

When I say higher demand, I mean WAY MORE in-demand.  Take a look:

This graph was made in December of 2021, but after teaching the CISSP certification for over 5 years now, I can tell you these numbers have not changed much. 

In fact, the numbers have grown more in the last year than I’ve ever seen before.

Why? Because the demand for cyber security professionals continues to grow.  And as of the year 2022, it is not slowing down either. 

If you want to see for yourself what kind of jobs are looking for CISSP holders, you can check out Indeed, LinkedIn, and SimplyHired.

In my 20 years of experience, I have found time and time again that it’s more difficult finding a good job in security without the CISSP certification.  You’ll need a ton of skills and experience to compensate for not having it. 

“Is the CISSP right for me?” I think so…if you want one of those jobs. 🙂

Here is why. 

Benefits Of Being CISSP Certified

  • Have Job Security:  Get a hiring manager’s attention, rise above a sea full of other applicants,  and create massive job security with the CISSP.
  • Earn More Money:  Because CISSPs typically earn well over $100,000 per year, you can change your lifestyle, save more money for your retirement, and be able to invest more money to perfect your security skills and education.
  • Gain Instant Credibility:  The CISSP is well respected throughout the IT industry and provides you with instant credibility when consulting with a client, working with other IT or security peers, and even amongst your managers and executives.
  • Earn Respect:  Along with credibility, earning the CISSP certification is prestigious and can earn the trust, respect, and admiration of your family, friends, and co-workers. This can lead to better working relationships, and having a bigger impact on security all around you.

We already covered the fact that every hiring manager will be looking for “CISSP” on your resume somewhere, and you saw the crazy amount of job openings begging for CISSP certified candidates, right?

So, remember that advantage I mentioned earlier?  Well, here it is:  The endorsement process. 

Yes, there is a lot of material to know in order to pass the CISSP exam.  Yes, the exam is up to 3 hours long with anywhere from 100-150 questions. 

But what makes the CISSP awesome is that another CISSP certified individual must review and endorse your job experience. 

While other certifications “suggest” you have experience, the CISSP actually requires it.  And, they require another CISSP to verify and endorse that. 

This is HUGE when it comes to a certification!

That literally takes the guesswork out of the screening process for hiring managers, human resources, and a potential customer or client.    

Now, is the endorsement process perfect?  No, nothing is.  But this process has proven itself to be successful over time. The employer demand and industry recognition prove as much.

So, if you want to:

  • Have long term job security
  • Earn more money
  • Gain credibility with your company, customers, and clients

…the CISSP is worth it. 

Why You Should Get The CISSP Certification!

This one is hard, because I think everyone in security should have the CISSP certification for all of the reasons I pointed out earlier.   

But, maybe you’ve watched a video, read an article, or heard in some other way that you should not get the CISSP. 

The haters are out there, and I know plenty of them myself.  Usually, it’s because they failed the exam multiple times and got frustrated with it.  Or, they have something else negative to say about it because the CISSP is not “this” or “that”. 

Well, here is the thing:  who cares what “they” think?  They have their reasons for thinking what they think, and it has nothing to do with you or the CISSP.

The real question is:  What do you want in your life and career?

If you are:

  • Just starting to learn information security and not ready for the challenge
  • Not willing to invest your time and money to learn security or get certified
  • Thinking that memorizing everything is going to help you pass any certification exam

…you should seriously consider why you want the CISSP – or any – certification for that matter. 

Really? Absolutely.  

Look, the CISSP is not a shortcut to success.  It’s really a journey of learning how to broadly apply security concepts as best you can to real-life information systems. 

What You’ll Need To Learn

The purpose of a certification is to certify that you understand, comprehend, or can apply the 8 CISSP knowledge domains:

  • Domain 1. Security and Risk Management
  • Domain 2. Asset Security
  • Domain 3. Security Architecture and Engineering
  • Domain 4. Communication and Network Security
  • Domain 5. Identity and Access Management (IAM)
  • Domain 6. Security Assessment and Testing
  • Domain 7. Security Operations
  • Domain 8. Software Development Security

So, as you can see, this is a lot to learn in order to pass this exam.  

So, if you’re new to security, and not quite up to the challenge of the CISSP, you can always start with the CompTIA Security+ or the (ISC)² System Security Certified Professional (SSCP). 

These certifications have less material to learn, and they will set you up for success when you prepare for the CISSP afterward.

Preparation And Training Advice

What about the time and money we talked about earlier? 

To be honest, if you’re not willing to invest the time that it will take, or invest some money to learn the CISSP material properly, I recommend focusing on something else.    

The CISSP is considered – by some – to be the same as a Master’s Degree!  Not a Bachelor’s degree…but a MASTER’S degree!

Consider this:  To earn a Master’s degree, you are typically required to invest 6+ years of your time and over $50,000! 

If investing some time and money is keeping you from getting the result you want in your life and career, I recommend you consider another path.

The CISSP is worth it. It is worth the time you invest, and it is worth investing in a good training program to help you actually become a CISSP.

Can you pass the CISSP on the cheap?  Sure, you can.

But I’ll be honest with you:  It will most likely take 10 times longer doing it that way – and it will likely cost you an exam failure or 2.

The CISSP exam is expensive ($749).  It also costs the same amount of money…every time you take it.  So, I’d advise you to invest wisely.  

“Is the CISSP right for me?” Only if you are willing to put the work in to become a CISSP.   

Another issue with trying to cut corners on training is that you’re focused on memorizing a bunch of stuff, which is going to make it very hard to pass the CISSP exam. 

It’s more important to actually learn how to apply the security concepts from CISSP training than it is to “cram” and try to pass the exam. 

If you happen to get lucky and pass the CISSP exam by “cramming”, you’re probably going to struggle on the job, because you will have forgotten most of what you memorized.    

Instead, I recommend you find a good training program and a good mentor to help you with your CISSP preparations.  That way, you actually learn security from your studies, and not just memorize it. 

How To Get Started With Your Preparations

If you have decided, “Ok…the CISSP is right for me” and want to take the next steps to earn the CISSP certification, I’d encourage you to check out our CISSP page.

We have videos, guides, webinars, and more that will help you prepare for the CISSP exam the right way.