CISSP Certification – Is It Worth the Time/Effort

CISSP (Certified Information Systems Security Professional) is one of the biggest security-related certifications someone can get.

This certification is based on the Information Systems Security Certification Consortium’s CBK, or Common Body of Knowledge.  The CBK has ten domains that anyone who wants to be certified must have knowledge of.

  1. Access Control
  2. Telecommunications and Network Security
  3. Information Security Governance and Risk Management
  4. Software Development Security
  5. Cryptography
  6. Security Architecture and Design
  7. Operations Security
  8. Business Continuity and Disaster Recovery Planning
  9. Legal, Regulations, Investigations and Compliance

Security continues to be a huge issue for our organizations.  When data is compromised, organizations run into many issues.

  • Customer anger
  • Litigation costs
  • Reputation loss
  • Bad publicity
  • Governmental and regulatory

So those who have certifications such as CISSP, CompTIA Security+, CISM or any of the other security-related certifications are needed more and more.  Having a full understanding of security and how it relates to your business is now a major necessity.

This answers the question raised in the title of this post.  Taking the time and effort, and shouldering the cost of training and certification, will more than pay for itself in the long run. Having someone on staff who can look at the business from a total security position will help you keep your business out of the news (for all of the wrong reasons).