How does the SANS GCIH compare to the CISSP?

LinuxCubs

How does the SANS GCIH compare to the CISSP?

Is one better than the other?

badrottie

The short answer is: it depends.

• If your primary career interest is being an incident handler, the SANS GCIH is an excellent certificate to hold. Top shelf.
• If your primary career interest is being an information security professional (of which incident response is one aspect thereof), the CISSP is an excellent designation to hold.

The CISSP is viewed as being a "senior" level credential, the GCIH an "intermediate" one. The US DoD directive 8570.01-M can be used to establish a baseline of reference and to put things into perspective: IT Certifications and DoD Directive 8570.01-M | TechExams.net Blogs

• With a GCIH, you are qualified for IAT Levels 1-3, and CND Incident Responder.
• With a CISSP, you are qualified for IAT Levels 1-3, IAM Levels 1-3, and IASAE Levels 1-2

Overall recognition and valuation of each is highly subjective. The GCIH is a deep concentration in one area of information security, but it does it very well. The CISSP is very broad and encompassing, but suffers from not being as deep. That being said, what is not subjective is searching on dice.com (at the point of writing this response): The GCIH returns 56 results, the CISSP 1166. Whatever conclusions that can be drawn from these results is an exercise left for the reader.

That being said, there is nothing to stop you from getting both. In fact, there probably is a very convincing argument in doing so

GangstaNerd

Nice response!

LinuxCubs

badrottie wrote: »

The short answer is: it depends.

• If your primary career interest is being an incident handler, the SANS GCIH is an excellent certificate to hold. Top shelf.
• If your primary career interest is being an information security professional (of which incident response is one aspect thereof), the CISSP is an excellent designation to hold.

The CISSP is viewed as being a "senior" level credential, the GCIH an "intermediate" one. The US DoD directive 8570.01-M can be used to establish a baseline of reference and to put things into perspective: IT Certifications and DoD Directive 8570.01-M | TechExams.net Blogs

• With a GCIH, you are qualified for IAT Levels 1-3, and CND Incident Responder.
• With a CISSP, you are qualified for IAT Levels 1-3, IAM Levels 1-3, and IASAE Levels 1-2

Overall recognition and valuation of each is highly subjective. The GCIH is a deep concentration in one area of information security, but it does it very well. The CISSP is very broad and encompassing, but suffers from not being as deep. That being said, what is not subjective is searching on dice.com (at the point of writing this response): The GCIH returns 56 results, the CISSP 1166. Whatever conclusions that can be drawn from these results is an exercise left for the reader.

That being said, there is nothing to stop you from getting both. In fact, there probably is a very convincing argument in doing so

Thanks! I knew they were both IAT 1-3 but didn't know the CISSP also had IAM 1-3 and IASEA 1-2

LinuxCubs

Sounds like it might be a good idea to get the CISSP and then use the SANS certs as the CPE credits for the CISSP.

Does that make sense?

badrottie

LinuxCubs wrote: »

Sounds like it might be a good idea to get the CISSP and then use the SANS certs as the CPE credits for the CISSP.

Does that make sense?

Depends how you want to approach things. The GCIH does give a 1 year waiver towards the required work experience (4 years instead of 5).

That being said, the certification itself does not count towards CPEs. If you took the SANS course, you would qualify for CPEs towards your CISSP in that situation.

bjthajokesta

Great Response. This definitely helped me.

Guyotron

badrottie wrote: »

...That being said, there is nothing to stop you from getting both. In fact, there probably is a very convincing argument in doing so

I couldn't agree more. In fact, getting the GCIH before the CISSP drives home a lot of information in the Security Operations domain