CISSP certification: Requirements, training, exam, and cost

• Career advancement and recognition: CISSP certification validates your prowess as a cybersecurity professional and can open up opportunities to higher-paying positions with greater responsibilities and increased prominence in the organization.
• Improved job candidacy: CISSP certification signals to potential employers your prowess with and commitment to the craft of cybersecurity. The fact that the CISSP requires five years of hands-on experience will also help you stand out in your job search.
• Increased knowledge and skills: The training process involved in achieving CISSP certification will expose you to a wide range of technical skills, thereby elevating your knowledge as a security pro, including areas such as security architecture, risk management, and cryptography.
• Additional job security: By demonstrating your commitment to IT security and validating your skills are up-to-date, CISSP certification can not only make you a more valuable member of your security team but also ensure you are perceived as one, thereby improving your job security longer term.
• Networking opportunities: By achieving your CISSP and joining the various communities for CISSP certification holders, including the ISC2 community, you will gain access to opportunities for knowledge sharing, collaboration, mentorship, and employment.

CISSP exam cost

Registration for the CISSP is $749 in the United States, and the same price or a close equivalent in local currency elsewhere. ISC2 also charges a reschedule fee of US$50 (or local equivalent), with a cancellation fee of US$100 (or local equivalent). But that is just for the exam. Most study guides and training courses for the CISSP exam are not free and should be considered when weighing whether to pursue the certification.

To maintain their certification, CISSP holders must pay an annual maintenance fee of US$135, due on the anniversary of your certification date. (Those with multiple ISC2certifications pay that fee once per year for all of them.) If you’ve passed the exam but haven’t met the work experience requirement yet, you’re considered an “Associate of ISC2” and pay only US$50 a year until you do achieve the experience requirements.

Is CISSP worth it? CISSP salary 

Not all certs are created equal, but the nearly universal assessment is that the not-insignificant costs associated with the CISSP certification will come back to those who are certified in the form of higher compensation. According to ZipRecruiter, CISSPs make on average $112,000 a year. SkillSoft, however, pegs the average salary of a CISSP holder at $156,669 in its IT Skills and Salary Report, among the top 15 for certifications across IT.

Beyond salary, CISSP certification is the most popular certification requirement for cybersecurity job postings, thereby opening avenues of employment to CISSP holders that would otherwise not be available without the credential.

Anecdotally, many CISSP holders feel like the certification validates a career’s worth of hard work, demonstrating not just their knowledge but their experience. Especially if you’re trying to break into infosec from an adjacent field elsewhere in IT, that can go a long way.

CISSP vs. CISM

Because CISSP covers some management-related material, you may be wondering about the difference between it and Certified Information Security Manager (CISM), another popular infosec certification. In a nutshell, a CISSP certification demonstrates in-depth technical knowledge over a broad range of security domains, along with an understanding of managerial responsibilities. CISM, on the other hand, is more strongly oriented towards managers, with an emphasis on understanding infosec incentives from a business point of view.