CISSP or GSNA?

CV33CV33 Member Posts: 22 ■□□□□□□□□□
in GIAC
Just passed my CISA. I’m doing CRISC next to get a deeper understanding of IT Risk as the CISA just scrapes the surface.

After that, I’m wondering if CISSP or GSNA is better, thoughts?

(IT Auditor)
· Share on FacebookShare on Twitter

Comments

  • the_Grinchthe_Grinch Member Posts: 4,165 ■■■■■■■■■■
    I would go for the CISSP as it is better recognized and would better round out your skills.
    WIP:
    PHP
    Kotlin
    Intro to Discrete Math
    Programming Languages
    Work stuff
    · Share on FacebookShare on Twitter
  • CV33CV33 Member Posts: 22 ■□□□□□□□□□
    I don't disagree. I suspect that the GSNA is an expert level cert whereas CISSP is advanced.

    I wonder if the CISSP is too broad...
    · Share on FacebookShare on Twitter
  • CV33CV33 Member Posts: 22 ■□□□□□□□□□
    Does the CISSP explain the osi model and where system aceess comes into play at each layer?
    · Share on FacebookShare on Twitter
  • krucial85krucial85 Member Posts: 84 ■■■□□□□□□□
    Yes it does.
    "The way to succeed is never quit. That's it. But be really humble about it."
    · Share on FacebookShare on Twitter
  • TechGromitTechGromit Member Posts: 2,151 ■■■■■■■■■□
    CV33 wrote: »
    I’m wondering if CISSP or GSNA is better, thoughts?

    Depends on your goals, if you want knowledge, the GSNA is the way to go, if you want career marketability, CISSP. Try a search on any of the major job websites, type in GSNA and see how many hits you get. I found zero hits for one search and three hits on another website for Washington DC and up to 150 miles away, I tried CISSP next, 257 hits.

    SANS certifications are becoming more popular, perhaps in the future they will recognized as better overall certs, but CISSP is still the gold standard. The ISC was established in 1989 and CISSP came into existence in 1994, SANS wasn't established as a certification entity until 1999 and the GSNA came into existence in late 2002.

    The simple fact is unless you work in the security industry, chances are you never heard of GIAC, but most people in IT heard of the CISSP. I knew what CISSP was 10+ years ago, I didn't hear about the GIAC until it was a requirement for my position in 2015.
    Still searching for the corner in a round room.
    · Share on FacebookShare on Twitter
  • hilldhilld Member Posts: 42 ■■□□□□□□□□
    I personally think the amount of stuff you learn in the SANS courses with the accompanying GIAC certification will put you ahead technically, however, the CISSP will probably open more doors for you, especially with HR as that is probably the Gold standard for security certifications.
    · Share on FacebookShare on Twitter
  • E Double UE Double U Member Posts: 2,200 ■■■■■■■■■■
    Definitely CISSP!
    Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
    · Share on FacebookShare on Twitter
  • 636-555-3226636-555-3226 Member Posts: 975 ■■■■■□□□□□
    CISSP first for sure. Trust me, it'll get you much more well-rounded knowledge-wise and looks better on the resume.
    · Share on FacebookShare on Twitter
  • clintoniaclintonia Member Posts: 41 ■■□□□□□□□□
    Throwing in another vote for the CISSP. GIAC certs aren't bad at all, however CISSP will let you hit more HR filters for better job opportunities and give you more high level security knowledge about all of the major domains. From there, you can drill down into an area of interest.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.