Is it worth having both the CISSP and the CISM

adebluadeblu Posts: 4Registered Users ■□□□□□□□□□
I passed my CISM two years ago, and now I'm studying for the CISSP. Is it worth having both? It almost seems like the same content. How beneficial job hunting wise is it to have both? Who has both and how marketable has it made you?

Comments

  • mattster79mattster79 Posts: 135Registered Members ■■□□□□□□□□
    Made a big difference for me. I also see lots of job postings asking for both certs.
    CISSP
    CISM
  • TechGuru80TechGuru80 Posts: 1,534Registered Members
    Jobs in the U.S. are usually one of the two...but CISSP is seen as the gold standard so it will show up more frequently, where the CISM is a lot less known. I believe there is only like 30,000 CISM worldwide and around 80,000 CISSP in the U.S., which is more a testament of how many people will be familiar with one over the other not necessarily an exclusive club like with a CCIE for example.
  • tedjamestedjames Posts: 859Registered Members ■■■■□□□□□□
    Most people I know earn CISSP first and then earn CISM only if they want to move into management/leadership positions, such as CISO or CIO. It's true that CISSP will open more doors for you.

    A former co-worker earned CISSP and then sat for the CISM exam a few years later without studying. He said there was a lot of crossover.

    If I were in your shoes, I'd pursue CISSP. Having CISSP and CISM together will do you a lot of good, depending on your career goals.
  • DZA_DZA_ Posts: 188Registered Members ■■■□□□□□□□
    mattster79 wrote: »
    Made a big difference for me. I also see lots of job postings asking for both certs.

    I'm literally writing my CISM this Saturday morning. icon_sad.gif I'm anxious to get it over with!

    Cheers,
    DZA_
  • mattster79mattster79 Posts: 135Registered Members ■■□□□□□□□□
    DZA_ wrote: »
    I'm literally writing my CISM this Saturday morning. icon_sad.gif I'm anxious to get it over with!

    Cheers,
    DZA_

    Good luck for tomorrow 👍🍀
    CISSP
    CISM
  • beadsbeads Posts: 1,403Registered Members
    TechGuru80 wrote: »
    Jobs in the U.S. are usually one of the two...but CISSP is seen as the gold standard so it will show up more frequently, where the CISM is a lot less known. I believe there is only like 30,000 CISM worldwide and around 80,000 CISSP in the U.S., which is more a testament of how many people will be familiar with one over the other not necessarily an exclusive club like with a CCIE for example.

    ISC(2) recently proclaimed 125,000 certified individuals in the the January/February 2018 Information Security Magazine. I have no clue as to the number of CISMs out there but its hard to argue with the ISC(2)'s marketing and public relations departments.

    - b/eads
  • TechGuru80TechGuru80 Posts: 1,534Registered Members
    beads wrote: »
    ISC(2) recently proclaimed 125,000 certified individuals in the the January/February 2018 Information Security Magazine. I have no clue as to the number of CISMs out there but its hard to argue with the ISC(2)'s marketing and public relations departments.

    - b/eads
    Ah was that 125,000 worldwide or the United States?...I was just looking at ISC2 website so they must not have updated that yet. I am sure some of it has to do with when the certifications were originally released but I've never heard rumblings that CISM will overtake the CISSP at least not anytime soon.

    https://www.isc2.org/About/Member-Counts
    https://www.isaca.org/About-ISACA/Press-room/Pages/ISACA-Certifications-by-Region.aspx
  • adebluadeblu Posts: 4Registered Users ■□□□□□□□□□
    Thank you all for your insight. I guess having one is better than having none, but having both will help me stand out. And yes, CISSP is noticed more than the CISM. I guess I should have gotten it first.
  • anilkumartranilkumartr Posts: 13Registered Members ■□□□□□□□□□
    Good to have both the certifications. especially out side US.
  • talbert80talbert80 Posts: 27Registered Members ■□□□□□□□□□
    It's good to have both, specifically if in management or leadership roles.
  • H-bombH-bomb Posts: 88Registered Members ■■□□□□□□□□
    Get both! IMO I think passing the CISSP first, gives you a great advantage and foundation of the concepts required to clear the CISM. This is comming from someone who wrote (and passed) both exams in the past 1.5 months.
  • talbert80talbert80 Posts: 27Registered Members ■□□□□□□□□□
    I completely agree with H-bomb. I took the CISSP first. Then COBIT Foundation and Implementation (the company required COBIT training). I cleared the CISM is less than 1.5 hours. If you can pass the CISSP, you can pass the CISM. But understand governance and risk management.
  • Info_Sec_WannabeInfo_Sec_Wannabe Senior Member Posts: 329Registered Members ■■□□□□□□□□
    H-bomb wrote: »
    Get both! IMO I think passing the CISSP first, gives you a great advantage and foundation of the concepts required to clear the CISM. This is comming from someone who wrote (and passed) both exams in the past 1.5 months.

    I'm currently doing it the other way around. Sat for CISM in December and hoping to sit for (and pass) CISSP in March 2018.
    Three year plan: (2018 ) CISSP [X] and eJPT [ ]; (2019) eCPPT [ ]; (2020) OSCP [ ]
  • H-bombH-bomb Posts: 88Registered Members ■■□□□□□□□□
    You got this!!!
  • laurieHlaurieH Posts: 86Registered Members ■■□□□□□□□□
    I guess it depends a lot on what you want to do. From what I've seen often they ask for CISSP and/or CISM partly because they don't really know the difference and may accept one in lieu of the other. CISSP is harder (from what I've heard) but if you need it I'm sure you can get it.
    CCNA - expired
    CISSP - live n' kickin'
    My CISSP study apps
    My CISSP study advice blog
Sign In or Register to comment.