Why CISSP certification matters

View all blog posts under Articles | View all blog posts under Online Master of Science in Management Information Systems

The Certified Information Systems Security Professional standard has an established tradition behind it, one that reaches back more than 20 years. Since the International Information System Security Certification Consortium (ISC)² began testing for and providing the CISSP designation in the mid-1990s, information technology professionals and those in many similar fields have pursued it.

Because CISSP serves as a clear indicator of broad-based, platform-agnostic competency in information security and can help professionals in the field further their careers, the decision to take the exam is a popular one for those with past experience in the world of digital security. That’s especially true for prospective and current students in the University of Alabama at Birmingham’s Master of Science in Management Information Systems degree program, who have already cultivated experience in the worlds of cyber security, systems, and management. Just as a master’s degree provides a critical second level of advanced education and a strong resultant knowledge base that is easily recognizable by colleagues and employers, the CISSP certification offers similar benefits.

Understanding exactly what goes into earning the CISSP designation and the opportunities it offers those who successfully sit for the exam is an important step in mapping future career plans, especially in terms of the management skills conveyed. With the MS MIS degree program focused on helping students cultivate effective management skills, a complementary certification offers clear support for professional development. Many UAB MS MIS students may find the benefits of certification valuable as they progress their careers, and some may choose to pursue other certificates and earned designations. Learning more about the CISSP standard and the advantages it offers is therefore valuable to every prospective and active learner in the MS MIS program.

Certified Information Systems Security Professional

What makes the CISSP designation so valuable?

The (ISC)² calls CISSP the most-esteemed cyber security certification in the profession on a global scale, and there’s no doubt about its widespread recognition in a variety of information security management roles. This type of industrywide acceptance is valuable for everyone who holds the designation. That’s especially true for those seeking new roles in other regions of the U.S. and foreign countries. No matter where a cyber security management position is based, all competent employers will recognize the added value of a candidate with CISSP certification.

What foundation is this high level of recognition for CISSP built upon? The dual emphasis on management and on-the-ground implementation is one key component. Certification holders demonstrate knowledge of effective cyber security efforts from a leadership perspective, including a deep, functional understanding of how to effectively spearhead a strong strategy and oversee the process as it’s delegated across a team or department. There’s also a focus on practical skills and the technical processes needed to make a cyber security strategy effective on the ground level. Ultimately, this means a CISSP-certified professional can take a cyber security plan from initial conception through the development and installation phases, and then monitor, adjust, and improve as necessary.

The CISSP designation is also an effective and powerful networking tool. Just as a bachelor’s degree in management information systems helps students develop connections and the MS MIS degree further strengthens and extends such networks, CISSP certification allows those focused on cyber security to similarly expand productive and mutually beneficial professional relationships as they interact through conferences and during continuing education opportunities. Because CISSP is so singularly focused on cyber security, it means certified professionals develop strong bonds with other knowledgeable leaders in their chosen field.

Another CISSP value to consider is the knowledge of modern, real-world information and threats that the certification provides. Drawing on education, work experience, and the intensive studying that occurs prior to sitting for the exam, the CISSP label is a clear indication that holders of this esteemed designation understand cyber security issues facing organizations in today’s fast-developing digital world. While this knowledge is often cultivated in significant part through prior education and work experience, CISSP codifies and standardizes it. The certification acts as a clear, instantly recognized achievement in terms of effective cyber security skills on a variety of useful levels. This is a powerful asset in day-to-day operations, as proof of competence to colleagues and subordinates and as a selling point when holders seek new opportunities in the field.

The path to CISSP certification

CISSP certification is a multistep, multiyear process when the education and experience factors are taken into account. This is one of the major reasons why the designation is so highly regarded across the world of cyber security. The exam preparation, which can involve many hours of study and review, is potentially the least time-consuming when the other requirements are considered.

Those wishing to sit for the exam should possess strong experience in the working world of cyber security as well as a relevant education. Specifically, all test-takers must have five years of paid, full-time employment in relevant positions that focus on at least two, if not more, of the eight cyber security and related domains covered in the CISSP common body of knowledge.

The eight domains are:

1. Asset security
2. Communication and network security
3. Identity and access management
4. Security assessment and testing
5. Security engineering
6. Security operations
7. Security and risk management
8. Software development security

This requirement can be lessened to an extent through one-year experience waivers offered for completing a four-year college degree in a related field or the current holding of a credential (ISC)² approves. A few examples include the Certified Cloud Security Professional, CyberSecurity Forensic Analyst, and Certified Internal Auditor designations. There is one alternative path for those wishing to take the CISSP exam who haven’t yet earned the required work experience. Passing the exam and earning an Associate of (ISC)² title means the sanctioning body provides a six-year window to develop the five years of work experience necessary for full certification.

The test itself is also a major undertaking, taking about six hours and involving 250 questions across all eight common-knowledge domains. The test is scored on a scale of 1000, with a 700 required to pass. Rigorous preparation is vital for success.

The significant requirements for potential test-takers is one of the clearest reasons behind CISSP’s relevance. Like similar high-level, widely respected titles in other professions, the CISSP exam limits applicants based on experience and education — to say nothing of the difficulty of the test itself. Those who complete the significant steps required to simply qualify to take the exam have already demonstrated a notable level of commitment to the process, and professionals who go on to earn the CISSP certification can put themselves in an elite class.

The career-focused benefits of CISSP certification

A CISSP designation can help professionals grow their careers in many areas. While not a guarantee for any individual seeking a specific role, the certification has proven beneficial to those who hold it. CRN magazine ranked CISSP as No. 4 on its list of 2017’s top money-earning certifications in the broad realm of technology-oriented careers. A salary survey of IT security professionals revealed holders of CISSP certification, as well as similarly prestigious titles such as CISA and CISM, averaged a salary of $101,000 versus non-certified professionals, who earned an average of $87,000 per year. For those in management roles, the divide is slightly smaller but still notable: CISSP and similar designations mean the difference between earning $130,000 on average in yearly salary and $121,000.

This practical consideration is vital for professionals in the field to consider: While compensation doesn’t have an impact on day-to-day duties, it’s a critical element of a successful career. Earning the CISSP certification can have a major impact on the financial bottom line of the professionals who successfully complete the exam.

Employers in the public and private sectors recognize the value of staff holding the CISSP designation. For example, the Department of Defense and National Security Agency both use it as an important component of their own certification and development processes. In a broader sense, businesses and governmental organizations across the globe recognize CISSP, allowing interested certification holders to broaden the scope of their job searches as well as the positions they seek.

Pursuing your MS MIS degree and working toward the CISSP certification at the University of Alabama at Birmingham

Professionals looking to take the next step in their education and careers can effectively do both at UAB. Within the Master of Science in Management Information Systems degree, students receive an effective educational experience geared toward those who want to take on managerial roles, develop further practical knowledge, and focus on cutting-edge issues and opportunities in the world of management information systems.

Along with the chance to cultivate skills in project management, IT governance, business intelligence, and data security, graduate students in the program can also dedicate valuable course hours toward CISSP areas of focus and preparation. With a concentration in cyber security management, students take four full classes, totaling 12 course hours, on topics closely related to CISSP. This foundational learning aids in preparation for the CISSP exam and provides valuable knowledge graduates can use throughout their careers as they move forward.

Ready to work toward your CISSP certification and Master of Science in Management Information Systems degree at the same time? Get in touch with an advisor to take the next step on your path of educational and professional growth.

Recommended Readings:
7 Reasons the MS MIS Degree is Right for You
How an MIS MIS Degree Brings Technology and Business Skills Together


ISC2,  CISSP – The World’s Premier Cybersecurity Certification
CRN Media, Top 15 Moneymaking Certifications For 2017
ISC2, Prerequisite Pathway for CISSP
InformationWeek, 5 Reasons Security Certifications Matter
Executive Services Directorate, DoD Directives Division