5 Best information security management certifications
Infosec_Sam
Admin Posts: 527 Admin
in CISSP
For anyone looking into the CISSP, here's an article that talks a bit about some other certifications in the same space, and what each of them is best for. Clearly, the CISSP is at the top of the list, as it's widely considered the most in-demand ISM cert. The other certs that were mentioned on this list were:
- CISSP-ISSMP
- CISM
- CISA
- CCISO
Full article here
Comments
-
dinger68 Registered Users Posts: 19
I personally don't think that CISA should be on the list for a Security Manager. I also feel that the CCISO is not that difficult to get and doesn't fully represent the skills or knowledge needed to be a CISO. Again, just my opinion.
-
Clm Member Posts: 444
Infosec_Sam said:
For anyone looking into the CISSP, here's an article that talks a bit about some other certifications in the same space, and what each of them is best for. Clearly, the CISSP is at the top of the list, as it's widely considered the most in-demand ISM cert. The other certs that were mentioned on this list were:
- CISSP-ISSMP
- CISM
- CISA
- CCISO
Full article here
I find your lack of Cloud Security Disturbing!!!!!!!!!
Connect with me on LinkedIn https://www.linkedin.com/in/myerscraig
-
Infosec_Sam Admin Posts: 527 Admin
dinger68 said:
I personally don't think that CISA should be on the list for a Security Manager. I also feel that the CCISO is not that difficult to get and doesn't fully represent the skills or knowledge needed to be a CISO. Again, just my opinion.
-
Infosec_Sam Admin Posts: 527 Admin
Clm said:
Sam what is your background in Infosec?
-
PC509 Member Posts: 804
dinger68 said:
I also feel that the CCISO is not that difficult to get and doesn't fully represent the skills or knowledge needed to be a CISO. Again, just my opinion.
-
JDMurray Admin Posts: 13,099 Admin
This list should be amended to include the GIAC management certs GSLC and GSTRT.
There are also SANS management training classes with no corresponding GIAC cert, such as MGT535: Incident Response Team Management.
And yes, there are very few certs designed specifically for information security managers (of people), such as myself.
-
cyberguypr Mod Posts: 6,928 Mod
I think your local flavor of CIPP should be in this list, especially if you are in healthcare, finance, or .edu sectors.
-
Infosec_Sam Admin Posts: 527 Admin
cyberguypr said:
I think your local flavor of CIPP should be in this list, especially if you are in healthcare, finance, or .edu sectors.
-
paul78 Member Posts: 3,016
Infosec_Sam said:
I've seen some discussion about the CIPP recently, but I'm not exactly sure which type of role it would be best for. I see some mention about compliance specialists benefiting from it, as well as product/security managers. I guess my question is: What does the CIPP do better than some of the other certs on that list?
CIPP is targeted at privacy professionals - not necessarily security professionals. However, it's often useful for a security professional that secures data for privacy reasons to understand the various privacy mandates and obligations.
In the US, privacy is not considered a right like in many other countries (except for maybe in California) and privacy in the US tends to be sectorial in nature and geared towards financial loss. For security managers, it's actually useful to understand the intersection of privacy and security - and where certain topics overlap.
-
JDMurray Admin Posts: 13,099 Admin
Realize that there are managers of people, managers of devices, and managers of information. Think of which category a "management" cert fits. Managers of people (like me) are not necessarily interested in certs of the other management types.
-
paul78 Member Posts: 3,016
JDMurray said:
Managers of people (like me) are not necessarily interested in certs of the other management types.
That's actually a super good point - I actually didn't have any certs for the first 2 decades of my career. I only got them because I was curious about them.
@Infosec_Sam - I probably should have mentioned re:CIPP - that I learned about that certification from lawyers that I work with. The IAPP was started by a lawyer and I believe that it originally targeted lawyers - at least when I first learned of it, the only people that I knew that had a CIPP were lawyers.
-
UnixGuy Mod Posts: 4,570 Mod
In consulting, CISA is considered an entry level cert for junior consultants...CISSP/CISM are more aligned with InfoSec management positions
-
JDMurray Admin Posts: 13,099 Admin
I just found out the SANS MGT517 and MGT535 courses have been discontinued. Details on blog at https://montance.blogspot.com
-
isc2cisspbouncr Member Posts: 12
dinger68 said:
I personally don't think that CISA should be on the list for a Security Manager. I also feel that the CCISO is not that difficult to get and doesn't fully represent the skills or knowledge needed to be a CISO. Again, just my opinion.
Agree that CISA should be for auditors. I know a few CISA folks and they keep going: You should do this and you should do that........... Drove me nuts as I'm a very operations Do this and do that type of person.
ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
-
isc2cisspbouncr Member Posts: 12
cyberguypr said:
I think your local flavor of CIPP should be in this list, especially if you are in healthcare, finance, or .edu sectors.
ITIL | PMP | Security+ | CISM | CISSP (Endorsing)
-
JDMurray Admin Posts: 13,099 Admin
GDPR is a serious thing for any organization that does business with EU customers. The fines for violations are very large and very real. We'll see how France does collecting its GDPR fine of Google.
CIPP/E Certification
-
isc2cisspbouncr Member Posts: 12
JDMurray said:
GDPR is a serious thing for any organization that does business with EU customers. The fines for violations are very large and very real. We'll see how France does collecting its GDPR fine of Google.
CIPP/E Certification
ITIL | PMP | Security+ | CISM | CISSP (Endorsing)