The CISSP certification has been modified to accommodate current changes in technology, and the evolving threat landscape that strikes in the information security field. To further meet its obligation to the fraternity towards maintaining relevancy to its credentials, CISSP recently underwent a change.
Enhancements to CISSP credentials were made, and the new and enhanced version of CISSP was made available on April 15, 2015. CISSP certified professionals, although technically competent, will now also include expertise in design, implementation, managing and engineering the enterprise security program.
Along with the CISSP certification, SSCP (Systems Security Certified Practitioner) also underwent a change. According to isc2.org blog:
“SSCPs and CISSPs speak the same information security language with unique perspectives that complement each other across various IT departments and business lines.”
What is the new CISSP all about?
Refreshed technical content was added to CISSP to reflect the current topics in the information security industry. According to reports, some of the topics have been further expanded and other topics have been realigned to address the industry requirements better. These are the topics that have been expanded:
- Asset Security
- Security Assessment
The newly improved certification will address the technical and managerial competencies required to effectively design, implement, engineer and manage an organization’s information security program within an altering threat landscape.
The CISSP domains that have been updated as of April 2015 are as follows:
- Security and Risk Management (Security, Risk, Compliance, Law, Regulations, Business Continuity)
- Asset Security (Protecting Security of Assets)
- Security Engineering (Engineering and Management of Security)
- Communications and Network Security (Designing and Protecting Network Security
- Identity and Access Management (Controlling Access and Managing Identity)
- Security Assessment and Testing (Designing, Performing, and Analyzing Security Testing)
- Security Operations (Foundational Concepts, Investigations, Incident Management, Disaster Recovery)
- Software Development Security (Understanding, Applying, and Enforcing Software Security)
According to isc.org,
“The eight domains of CISSP provide a vendor neutral and internationally understood common framework upon which the practice of information security can be discussed, taught and otherwise advanced across geographic and geopolitical boundaries.”
CISSP is a reputed certification for all those working in the information security industry. We are sure that this enhancement to the certification will benefit all prospective candidates.