CAs, CGMAs and MBAs. We all know who they are.
But what’s a CISSP? If you do not know, that may soon change.
The reason is the events of Sept. 11 2001 combined with continuing problems caused by hackers and Internet viruses has more than tripled the number of CISSPs (Certified Information
Systems Security Professionals) to 20,000 worldwide from 6,000. And in the next couple of years that figure is expected to crest the 100,000 mark.
“”There is increased recognition that computer security is a separate profession within the IT arena,”” says Dow Williamson, spokesperson for the Vienna, Va.-based (ISC) 2, the issuing body for the CISSP designation. “”The demand by commercial and government organizations for security professionals with credentials has exploded.””
(ISC) 2, a non-profit organization created in 1989, hopes to strengthen trust in the global networked economy by promoting common security standards. Those standards are a moving target, and each year (ISC) 2 updates its body of knowledge with the help of security pros from around the world.
To be certified by (ISC) 2, you need at least four years of professional experience, and you need to pass a six-hour exam with 250 multiple choice questions that test your knowledge of IT security.
(ISC) 2 offers a five-day prep course leading up to the exam, which 75 per cent of the applicants sign up for, says Williamson. The cost of the course and exam is US$2,500.
Does having a CISSP designation make IT professionals more marketable?
“”Absolutely,”” says Williamson. “”An increasing number of want ads specify that a CISSP designation is either preferred or required.””
Growing interest in CISSP certification has resulted in (ISC) 2 creating a number of specialized concentrations, including one for the U.S. government designed in co-operation with the National Security Agency, the intelligence arm of the U.S. Department of Defence.
Williamson says there are 1,100 CISSPs in Canada, noting that (ISC) 2 offers both courses and exams each year in Toronto and Montreal.
A gold standard for security professionals sounds like a pretty good idea. At the very least, knowing your info-security cop has passed the CISSP exam is a good indication that he or she is on the ball.