Is the CISSP certification still relevant?

Bookmark This (opens in new window)

Some argue that, because more people have earned it, the CISSP certification is becoming less relevant.

The CISSP certification is not less relevant because more people are passing it – more people are passing it because there is a much higher demand for CISSP-certified professionals than at any time in the past. Information and business security are far more relevant than in the past, because more organizations are using information systems in increasingly-complex ways to support critical business processes.

In my opinion the growth of CISSPs is still not keeping up with the demand for such professionals. If anything, the certification is MORE relevant now than at any time before.

I disagree with the statement that it will become less relevant. On the contrary, as the number of people who earn the CISSP certification grows, the MORE relevant it will become! Say, for instance, 20 years from now, that 1/3 of all IT professionals have the certification. That would make CISSP *HIGHLY* relevant!

I think that maybe you are asking a completely different question. Today, having a CISSP gives relevance to the individual person who holds it. When CISSP is rare, having it makes the person more relevant. But if CISSP were to become plentiful, that would make the certification far more relevant.

Take MCSE. Lots of IT pros have it. The certification is *highly* relevant – so much so that it is practically a standard. A person who does *not* have the MCSE is not relevant. In many companies you can’t play in the game if you don’t have it. That sounds like high relevance to me.


7 thoughts on “Is the CISSP certification still relevant?


    Sure the CISSP certification is not the same in certification it was. But that does not decrease the overall relevance of the certification. The foundations of the certification are still very much relevant.

  2. Jim Clark

    The CISSP is and will be a valuable certification for years to come if for no other reason than it is one of a handful of certifications required for DoD military, government employees and contractors with privileged access to information systems. The government recognizes the growing need to verify a baseline competence for these workers.

  3. Pingback: Sidetracked - CISSP | Defending against lameness since 2008

  4. Glen

    The DoD now requires the CISSP for certain IT jobs. By having a CISSP you can qualify for every IA (info assurance) level in the DoD 8570, so this stands to boost the popularity of the CISSP even more.


  5. Rick

    As time passes, the CISSP becomes more difficult to pass because the candidate pool gets larger and better educated. Professional test developers know that any given test has to be continually updated and difficulty increased because the applicant pool keeps getting stronger. Think of the CISSP like the CPA. As one professional accountant said, ‘…you probably don’t need a CPA to be a good accountant, but the top accountants are always CPAs.’

  6. DoD 8570 -: Department of defense

    CISSP – Information Security Training -Department of defense 8570,DoD 8570,8570,Dod 8570-a,Dodd 8570 CISSP Certification – CISSP Training – Security Training- Logical Security – Shon Harris,Two new reports–from the Center forStrategic and International Studies (CSIS), and from the consulting firm Booz Allen and the non-profit Partnership for Public Service (PPS)–highlightserious shortfalls among the federal government’s cyber security work force.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.