If you’re reading this, it means you’re probably looking for an IT certification that can take your career to the next level.  

While there are hundreds of vendor-specific certification programs out there, the Certified Information Systems Security Professional (CISSP) stands out for a reason. This is due to the fact that CISSP is a vendor-neutral certification that focuses on IT infrastructure security. 

Now, moving to the question; is attaining a CISSP certification worth the effort?  

It is important to note that the answer to the question depends on who you ask. Many say IT certifications including CISSP are not worth the hassle needed to get them. The other camp believes that attaining a CISSP certificate opens doors in the tech industry and it’s beneficial to everyone. 

To determine if the CISSP certification is right for you, a thorough analysis of the CISSP program is needed.  

Thus, this article will follow the data, outline the facts, and help you come to a conclusion.  

At the end of the article, you will understand:  

• IT Professionals view of CISSP 
• CISSP’s effect on your earning potential 
• The myths about the CISSP certification 

Is the CISSP Program Worth the Time and Effort? 

Let’s start by getting some things straight. In order to become CISSP certified, you will be required to have some prior IT knowledge, a degree, and some work experience to pass the exam.  

You will also need to put in the hours to study the CISSP curriculum subject matter and practice exam questions.  

Knowledge of network security, risk management and security operations is needed. To acquire this knowledge, you can either self-study or join an instructor-led training program.  

Getting CISSP certified comes with its own responsibilities and requires you to put in the work. The cost of getting certified and acquiring the necessary technical knowledge to be successful are also considerations to keep in mind. 

Now, that you know the effort and cost that must be put into attaining a CISSP certificate, the question of whether or not it’s worth it remains.  

The answer can be broken down using a few of the different industries where IT security is viewed as a yardstick for employment.  

CISSP’s Importance Across Diverse Industries 

The importance of a CISSP certification across industries also has a role to play in determining its worth.  

As stated earlier, data and statistics will form the bulk of the analysis. Thus, the industry verticals analyzed, are industries that have tangible and reputable studies that can be referenced. 

Starting with the tech industry, a 2017 survey conducted by the Global Information Security and Workforce study showed that 25% of CISSP certified professionals believed their certification helped in increasing their salaries. 

In the healthcare industry where data security is important in securing patient information, 70% of the employers require an IT security certification for its employees. A further study went on to show that the majority of the healthcare listings for IT staff included the need for an IT certification as part of their professional requirements. This underscores the importance of CISSP and other related IT security certificates to employers in the healthcare industry.  

Across the defense industry, the picture is a bit more extreme when compared to other industries. In the United States, the Department of Defense (DoD) places special emphasis on the need for an IT certification for tech employees and external contractors.  

Having a CISSP certification or its equivalent is also an official policy the DoD follows in every state. Across the world, having an IT security certification is also the policy of most defense entities searching for employees. This means without a CISSP certification, working as an IT professional in the DoD is almost impossible. 

In the manufacturing industry, analyzing and managing data are where tech solutions are generally focused.  The security of databases and IT infrastructure are important in eliminating downtime, and IT security is a very important consideration. This means that many employers in this industry may require technical staff to have a CISSP certification. 

That being said, it is important to remember that the worth of a CISSP certificate is determined by the industry in which you plan to work. If you intend to pursue opportunities in the defense or healthcare industry, a CISSP certification drastically improves your chances of success. While in other industries, your hands-on experience and ability to solve problems on-demand may prove more useful than a CISSP certification.  

If remuneration and how much you can earn is the deciding factor regarding the value of the CISSP certification, then this section is for you.  

According to Robert Half’s 13 Highest Paying IT Jobs in 2019 article, security experts are the third highest paid professionals in the IT industry. The report went further to show that a CISSP certificate is the fourth most lucrative IT certification a professional can have.  

Over 50% of CISSP certified professionals believe that their certificate played a part in getting them their dream job. A substantial percentage also agreed that getting certified played a role in accelerating their climb up the professional ladder. Here again, the statistics are positive. A CISSP certification is a doorway to higher earnings and career progression.  

What Do Certified CISSP Professionals Say? 

Is there any better way to learn about the benefits of a program than from those who have completed it? The answer is definitely no, and if you are concerned that CISSP professionals may be biased, you can put your mind at rest.  

Using the percentage of people who say college wasn’t worth it as a yardstick, it is only fair to say professionals will speak their mind on the worth of their certifications.  

There are approximately 132,000 CISSP certified professionals across the globe and a few believe getting certified wasn’t worth the hassle. 

On the other hand, the majority of certified professionals believe that their CISSP certification has proved helpful as this interview by Newtrix shows.   Although a couple of certified professionals keep renewing their CISSP certification because of employers, the majority do it on their own accord. According to the interview by Newtrix, most professionals agree that their CISSP certification definitely paid off in the long run.  

Avi Solomon an IT Director believes becoming certified has helped him climb the corporate ladder. He also credits his CISSP certificate with helping him earn the trust of senior management staff in the law firm he works with.  

The IT manager at Delta Plastics also credits his CISSP certificate with making him a better leader, and also providing him with a pool from which to hire IT security pros.  

This shows that the majority of CISSP certified professionals believe they were helped in one way or the other by becoming certified. According to the interviewed CISSP professionals, the benefits and advantages of getting certified include: 

• Improved IT security skill set 
• Better job opportunities that serves as leverage when negotiating for higher wages 
• Credibility as a security expert both in the corporate world and in contractual/consulting capacities 
• Serving as an encouragement to stay on top of trends and to pursue professional development 

Analyzing the Job Opportunities 

For most people, pursuing a certification program is done with the aim of enhancing their ability to earn. Thus, having an understanding of the job market and how a CISSP certification could help is one more factor to be considered in determining its worth.  

So what does the data say? According to the US Bureau of Labor Statistics (BLS), the demand for IT professionals is set to grow by 22% between this year and 2020.  

A breakdown of this demand goes on to show that the demand for IT managers and security experts will grow by approximately 20% within this duration. These statistics further put a supporting number behind the belief of the CISSP professionals highlighted in the previous section. 

Across the globe, the demand for IT specialists is also increasing. According to cybersecurity Ventures, there will be 3.5 million new cybersecurity job openings by 2021. As things currently stand, there is a global shortage of cybersecurity professionals worldwide and ISACA puts the shortage gap at approximately 2 million.  

With the current shortage and expected growth in demand, it is only logical to conclude that CISSP certified professionals will continue to be in demand for the foreseeable future.  

In terms of remuneration, the numbers also look good.  The median pay of certified IT security professionals is between $80,000 and $115,000 USD.  

Experienced security experts can also choose to go the consultancy route and compliment their income with freelance gigs. 25% of CISSP certified professionals also believe that getting certified played a part in increasing their earning potential. This median salary and increased earning potential is due to the increased demand and the shortage of available security experts to meet it.  

In terms of industry reach, IT security experts are needed across most industries and this increases the job opportunities available to CISSP certified professionals.  

Any business where IT infrastructure is used requires safety measures to be put in place. So, the certified IT security expert can take advantage of job opportunities in the manufacturing sector, education, healthcare, engineering, tech, oil and gas industry and more. 

Does it Appeal to You?  

Finally, knowledge of self is the biggest determining factor between getting certified or overlooking the CISSP program.  

Even if all the data provided here and elsewhere highlight the benefits of attaining a CISSP certificate, an uninterested individual may still not decide to put in the effort needed to be successful.  

So, at the end of the day, what do you think? Is it worth it or not? 

Before answering these questions here are the pros once again:  

• The majority of IT professionals say it has proved helpful to their careers 
• The demand for certified security professionals is increasing by 20% all through 2019 and 2020  
• It substantially increases the earning potential of IT pros 
• It is one certificate employers look for when hiring due to its non-vendor specific nature 

 At the beginning of this analysis, we promised to provide all the relevant information that you need to know. So here are the cons:  

• The CISSP certification involves an investment of approximately $2,500  
• You will have to learn and participate in the programs in order to successfully pass the exams 
• The CISSP certificate must be renewed annually with an $85 payment  

So there you have it, all the information you need to determine whether or not the CISSP certification is worth it.  

As you can probably see, the cons outlined here are mostly financial in nature. This means choosing to pursue the CISSP is an investment with returns that are determined by how hard you are willing to work.  

Conclusion 

A CISSP certification highlights your understanding of IT security and gives credibility to your skills with IT security. Acquiring the certification definitely increases your chances in the job market, as well as your ability to earn more. These factors show that the studying effort and financial investment you put into getting certified will definitely be worth it.