CISSP – A Certification for Cybersecurity Leaders

2 November, 2020 | Della Wyler | Careers in IT, IT Certifications, IT Security

Looking to Excel in Your Career with More Opportunities?

Do you want one of the most globally recognized certifications for information security professionals? If the answer is yes, then the Certified Information Systems Security Professional (CISSP) is the cybersecurity certification for you. The typical candidate for CISSP certification has at least 5 years of recent full-time professional work experience in at least 2 of the 8 domains within the CISSP Common Body of Knowledge (CBK). By holding a CISSP certification, IT professionals validate their skills to design, implement and manage a best-in-class cybersecurity program. CISSP certification holders also gain membership in (ISC)² (International Information Systems Security Certification Consortium), which allows access to exclusive resources, tools and networking. CISSP professionals generally hold titles such as security manager, security analyst or chief information security officer, just to name a few.

 

What’s Covered on the Exam?

The CISSP Common Body of Knowledge (CBK) is the collection of 8 domains that cover comprehensive aspects of information security. To become certified, IT professionals need to show their expertise in each of the following domains:

  1. Security and Risk Management
    • Understanding concepts of integrity, confidentiality, and availability
    • Security governance vs. management
    • Compliance
    • Understanding of professional ethics
    • Legal and regulatory issues
    • Business continuity and disaster recovery
    • Establishing personnel security policies and procedures
    • Apply fundamentals of risk management
    • Understanding threat modeling and methodologies
    • Building risk-based management concepts in the supply chain
  2. Asset Security
    • Identification, classification, and ownership of information and assets
    • Classification of data
    • Data retention
    • Creating data security roles
    • System base-lining and hardening
  3. Security Architecture and Engineering
    • Implementation and engineering of secure design principles
    • Security models
    • Concepts for security capabilities of information systems
    • Cryptography
    • Security evaluation criteria
  4. Communications and Network Security
    • Creating and securing design principles in the network
    • OSI reference model
    • Threats to network security
    • Firewalls
    • Establishing secure network components
    • Securing communication channels
  5. Identity and Access Management
    • Identity management to control the life cycle of all assets in the system
    • Managing authentication and identification of devices, people, and services
    • Understanding and integrating identity as a third-party service
    • Implementing authentication
    • Auditing
  6. Security Assessment and Testing
    • Common vulnerabilities
    • Assessing security control testing
    • Collecting secure data
    • Penetration testing
    • Facilitating security audits
  7. Security Operations
    • Understanding and supporting investigations
    • Logging and monitoring activities
    • Asset inventory management
    • Concepts for foundational security operations
    • Understanding resource protection techniques
    • Incident management
    • Implementing and testing disaster recovery strategies
    • Business Continuity planning
    • Managing physical security as well as personnel security and safety
  8. Software Development Security
    • Identify and remediate software flaws
    • Software development methods
    • Effectiveness of software security
    • Evaluation of security impact
    • Software Development Life Cycle (SDLC)

As you can tell, the CISSP domains are typically suited for professionals with work experience in networking and security. In order to bridge any gap, CISSP candidates must take a CISSP training course to cover the industry best practices for each domain.

 

Why Should I be Interested in Getting Certified?

Last year alone, more than $150 billion was spent on cybersecurity defenses in the United States, and reports show that by 2021 a worldwide total of $1.5 trillion will be spent. With cybercrimes rising at an alarming rate and the availability of qualified IT professionals decreasing, this is the perfect time to consider building on your IT career. As of 2020, the average salary of CISSP professionals lingers above the $120k mark. The projected growth rate for this profession is higher than the industry average, coming in at 11.1%, and it is predicted that 3.5 million CISSP-related jobs will be created by 2021. Now is the time to maximize your earning and career potential while standing out amongst your peers.

 
