The IT Certification Resource Center


Six Hot Cybersecurity Certifications for 2018

Certified Information Systems Security Professional (CISSP)


Skilled cybersecurity professionals will continue to be in high demand in 2018.

This globally-recognized vendor-neutral certification from (ISC)² validates advanced knowledge and skills in the direction, development and management of organizational security policies and procedures. CISSP is an advanced credential intended for experienced IT security professionals. Recognized by organizations in many countries, the CISSP takes several years and serious effort to achieve, but is considered well worth it. Concentrations in architecture, engineering, and management are also available to those who hold a valid CISSP.


Up until this year, anyone hoping to earn the CISSP was required to pass a grueling six-hour exam with 250 multiple choice questions. That's still the case if you're taking the exam in a language other than English. English-language examinees, however, now face a shorter exam — just three hours — that's arguably more challenging, on account of (ISC)²'s introduction of Computerized Adaptive Testing. You can visit the (ISC)² website for more information about the change.


CISSPs must also have a minimum of five years of full-time employment in at least two of the eight (ISC)² domains, in addition to a college degree or approved certification. And there's a separate exam for each of the three CISSP concentrations.

Training materials include instructor-led programs, on-demand and online video training, private courses, study guides, practice tests, and interactive flashcards.


To retain validity, CISSP holders need to pay an annual fee and recertify every 3 years. Recertification requires earning 40 Continuing Professional Education (CPE) credits each year, totalling 120 CPEs in a three-year period.


Certified Information Security Manager (CISM)


CISM is an advanced credential sponsored by the Information Systems Audit and Control Association (ISACA) for information security managers and experienced IT management professionals. It is designed for managers entrusted with the responsibility of managing the security of enterprise-level information systems. This credential seeks to enhance knowledge of development, administration and management of enterprise IT security and organizational security best practices.


CISM demonstrates advanced knowledge and expertise in IT security risk management, incident response, governance, and overall systems and data security management.


Certifying as a CISM requires passing the CISM exam, agreeing to the ISACA Code of Professional Ethics, and having at least five years of experience working full-time with information systems security, of which a minimum of three years should be in managing information security in three or more of the specified job practice areas. Work experience must be earned within the 10 years prior to application and no later than five years after passing the exam. ISACA does permit exemptions based on a candidate’s valid credentials, but it remains mandatory to obtain the certification within five years of passing the exam and to agree to the CISM Continuing Education policy.


Self-study materials include the ISACA journal, study and training materials in different languages, an exam prep community, courses and other options.


Certified Cloud Security Professional (CCSP)


Cloud security is becoming increasingly important as more organizations migrate to the cloud. It’s no wonder there’s a growing demand for professionals with proven cloud security skills. CCSP is an advanced globally-recognized vendor-neutral credential from (ISC)² and Cloud Security Alliance, which validates advanced knowledge of and practical experience with cloud security architecture, design, platform, application and data security, operations, compliance and legality.


To achieve the CCSP credential, you need to have at least five years of full-time employment in IT, of which three years must be in information security and one year in one or more of the six domains of the CCSP Common Body of Knowledge (CBK). You must also pass a four-hour exam comprising 125 questions with a scaled score of 700 or more, subscribe to the (ISC)² Code of Ethics, and have your application endorsed by an (ISC)²-certified professional who is an active member and able to confirm your work experience. It is mandatory to subscribe to the Code of Ethics and have your application endorsed within nine months of taking the exam. A valid CISSP credential is a substitute for the experience component.


Exam preparation options include training courses and self-study materials, such as the Official (ISC)² CCSP Study Guide, Official CCSP Study App, interactive flash cards and exam outline.


To maintain the CCSP, you need to earn and post at least 30 CPE credits each year before the annual anniversary date of your certification, abide by the Code of Ethics, and pay the annual maintenance fee.



Reena Ghosh is an independent ghostwriter who writes promotional, developmental and explanatory content for individuals and businesses. She came to professional writing with work experience in financial services operations and corporate communication. Reena speaks three languages and hopes to learn Sanskrit.