The IT Certification Resource Center

Featured Deal

Get CompTIA, Cisco, or Microsoft training courses free for a week.
Learn More ❯

CASP vs. CISSP: The Real Fight Is For Candidates' Attention

Other Quibbles and Nibbles


Womans hands hauling in a pile of cash moneyThen there’s the matter of salary associated with each credential. Those same job boards cited in the table tell an interesting story there, too. The CISSP salary range runs from $72,000 to a high of $188,000, with an average of $111,000 and a median of $91,000.


The CASP range also starts at $72,000, but hits a high of $158,000, with an average of $91,000 and a median of $88,000. I actually think this lends credence to Lane’s assertion that it’s a good credential for people who want to stay technical and hands-on.


Why do I say this? Because, except for rare exceptions for extremely talented, high-level consultants and technical fellows, the hands-on guys usually make less than the guys who manage them.


I also take minor issue with Lane’s assertion that CASP holders are better equipped to deal with compliance with applicable rules and regulations, and better able to lead, design and implement technical solutions. The CISSP exam is heavy on theory, but it pays close attention to matters of law, regulations, compliance and accountability.


It also emphasizes processes and procedures which, if followed closely, should help CISSP pros do every bit as well in such situations as their CASP-certified counterparts.


As for performance-based testing versus multiple-choice questions, there’s no denying that the first is a better indicator of hands-on skills and operational knowledge. But CISSP’s requirement for 3-to-5 years of documented on-the-job security experience, as well as a testimonial from a current CISSP holder, helps to address some of those same concerns, in my opinion.


Which is Best for You: CASP or CISSP?


Good question! I think Lane is correct to assert that for those who want to stay on in an active day-to-day role as a security professional who does security stuff, the CASP is a good choice. In the long term, however, I think it may make even better sense to combine the two.


Even the most dedicated in-the-trenches security guys may sooner or later aspire to more responsibility and a broader purview of the role that security (and policy) play in an organization. At that point, CISSP certification really makes a lot of sense, and provides career-boosting potential that, as indicated by the table above, the CASP simply doesn’t match at present.


Not to mention the improved salary possibilities of CISSP certification. It’s a good topic to chew on, however, and both credential are worthy of time spent duking things out. I think they’re both winners, but for different reasons. I hope you agree, and have found this discussion informative and worthwhile.



ed-tittel120Ed Tittel is a 30-plus-year computer industry veteran who's worked as a software developer, technical marketer, consultant, author, and researcher. Author of many books and articles, Ed also writes on certification topics for Business News Daily, and on Windows desktop OS topics for TechTarget and Win10.Guru. Check out his website at