SSCP Value - In relation to new CISSP Req's

I was wondering about something and wanted to get a few opinions on the subject. Why is it that there are only 589 SSCP certified individuals? Compared to the nearly 50,000 CISSP count, considering that the CISSP is supposed to be so much harder to obtain, it seems out of cater for 2 certification tracks by the same organization (ISC2).

Is the SSCP a worth while cert at all? Do employers know about it? Does anyone think it will gain in popularity when the new CISSP requirements kick in?

My questions stem from a couple of factors, but mainly because I noticed the SSCP is now an accepted elective towards the MCSA:Security specialization. I was planning on taking the ISA 2004 exam to fulfill the requirement, until I saw the SSCP. I thought it would be a better all-around certification. But I am thinking the SSCP might be a cert with a very low ROI, unless the new (more strict) requirements for the CISSP make the SSCP increase in popularity.

Opinions?

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

keatron

Hey Mark.

I think the problem with SSCP is it was never seriously marketed. Not only that, it was created AFTER the CISSP gained the reputation of being the "Gold Standard" of information security certs. So whoever was qualified (and even those who weren't) attempted the cert. One of my employees just got his CISSP back a few months ago, and his ID Number is something like 130765, that means at least 130,765 people have attempted the exam. My license number is 808XX, so when I got mine almost 3 years ago, the count of attempts was at 80,000. So it's pretty safe to assume that out of 131,000 tries, only 50,000 have been successful. Whereas the SSCP percentages are A LOT higher than that. It's just hard for SSCP to compete with CISSP when it's marketed so heavily and hyped by the media so much. In some places, (many places), you can walk in and say the sky is falling; if you've got CISSP behind your name, they will believe it's actually falling. So with that kind of hype, and SSCP being considered "the baby brother" it's not so shocking.

By the way, ISA is a good one.

ajs1976

sprkymrk wrote:

My questions stem from a couple of factors, but mainly because I noticed the SSCP is now an accepted elective towards the MCSA:Security specialization. I was planning on taking the ISA 2004 exam to fulfill the requirement, until I saw the SSCP. I thought it would be a better all-around certification. But I am thinking the SSCP might be a cert with a very low ROI, unless the new (more strict) requirements for the CISSP make the SSCP increase in popularity.

I know it shows up in the cert planner, but did you see if somewhere else? The reason i'm asking is that I read in another forum where someones emailed MS and they were told the listing was not right and it would be removed the next time the cert planner was updated.

I don't know how valuable the cert is. When I was looking through Security job ads recently to see how popular the CIW: Security cert was, I only saw the SSCP mentioned a few times. If a certification was mentioned it was usually the CISSP, followed by the Security+.

sprkymrk

Thanks for the replies guys. Keatron, what you say makes sense, but what about the near future? Will it gain some momentum with the CISSP requirements being stiffened up? Will more people go for it as a stepping stone now?

ajs1976 wrote:

I know it shows up in the cert planner, but did you see if somewhere else? The reason i'm asking is that I read in another forum where someones emailed MS and they were told the listing was not right and it would be removed the next time the cert planner was updated.

Thanks for that information ajs. I just saw it in the cert planner, that's all. It was curious that I hadn't heard about it before.

Based on these factors I think I will stick to my original plan of ISA 2004 for now.

JDMurray

It is all about marketing. Look at how CompTIA pushes the Security+ cert, and how well Security+ does compared to the SSCP, despite the fact that the (ISC)2 has a much better reputation for InfoSec credibility than CompTIA. With the (ISC)2 just releasing the first edition of the Official (ISC)2 Guide to the SSCP CBK, I am expecting that an increased marketing campaign for the SSCP is in the works. It makes sense that anyplace the Security+ cert fits the SSCP can also be marketed as a "Security++" cert there as well. But the bottom line is will the marketing campaign cause employers to increasingly accept the SSCP as a verification of knowledge that they need their employees to have.

ajs1976

The Sec+, SSCP, and CISSP are all on my (I would like) to-do list. I would like to get to Sec+ next year, but the other two are going to wait awhile.

On a scale of 1 to 20, if the Sec+ is a 1 and the CISSP is a 20, were does the SSCP fall?

Webmaster

ajs1976 wrote:

On a scale of 1 to 20, if the Sec+ is a 1 and the CISSP is a 20, were does the SSCP fall?

I'm obviously not qualified to rate them but if I had to make an educated guess I'd say 8, as in closer to Security+ than CISSP. I sometimes referred to SSCP as Security++, but then I'm talking about the material, not the exam. I assume the exam itself is a lot tougher than a basic CompTIA exam. But if you study hard for Security+ and go a bit beyond what's in the available Security+ study material, you will have covered a good deal of SSCP topics and established a decent foundation for the rest. When I started reading SSCP and CCISP materials (I 'was' considering the Associate exam) I couldn't help wishing I had used them to prepare for Security+. Obviously overkill but at least it's complete, and going beyond the high-level overviews of concepts most CompTIA exam study material consists of can help a lot to 'understand' the concepts better.

Gabe7055

ajs1976 wrote:

The Sec+, SSCP, and CISSP are all on my (I would like) to-do list. I would like to get to Sec+ next year, but the other two are going to wait awhile.

On a scale of 1 to 20, if the Sec+ is a 1 and the CISSP is a 20, were does the SSCP fall?

I would say a 10

I don't have much experience on security exams but I would think anyone going for the CISSP would want the SSCP just because it is as stepping stone, just like anyone going for MCSE should go ahead and get MCSA while they are at it.