I have reviewed a few Masters Degree programs from online universities, and have noted the frequent benefit listed is prepping for CISSP.
Does this mean holders of a CISSP have already accomplished what (at least) some Masters programs provide?
I would not directly associate a Masters program with CISSP. This ISC2 page is a good resource for information specific to earning a CISSP:
Have a look at the "Who Earns the CISSP Certification?" section.
Qualifying and successfully completing this certification is based on your verified and endorsed experience and knowledge across all of the CISSP domains.
There are many career paths that lead to this certification.
The requirement for a Masters is specific to the job role you are seeking and the industry you are in.
I know that's not a great answer but if I consider all of the information security professionals that I know and even the job descriptions in this industry, I am not seeing this as a requirement or even an increased likelihood of employment.
There are many industries that would put higher emphasis on say an MBA/MPA for any senior leadership positions with managerial roles. You may even find some salary grids that directly correlate to the addition of a Masters.
I do suggest that this is evolving as the industry attempts to sort out some questions about standardization of qualifications.
If your career experience has been more technical in nature and less business/soft skill developed then perhaps a Masters would be appropriate.
With the rising emphasis and need for CISO/CIOs role to have direct communications with Executive Boards on topics related to cybersecurity, risk, etc. managerial experience complimented with a Masters would likely enhance any information security training, experience and certification that you have.
It's my personal opinion that practical experience, coaching and mentorships are the better value for success in these areas.
There is another thread here focusing on the availability and choice of Masters programs as well: https://community.isc2.org/t5/Career/Good-and-suitable-Cyber-security-masters-degree-online/m-p/8747...
I earned my second masters in Information Assurance/Security before earning my CISSP. Accredited programs help in experience toward your certification along with the experience of doing relevant research in the field. I would say the experience helped - though I also practice and teach IT security for networking and computer science professionals.
I don't see earning a Masters degree as essential to getting certified, though I believe it will help your career overall.
Tough to statistical show what percentage of CISSP may apply to a Masters but from some of those programs I have reviewed, it appears as if the CISSP cert. may be a challenge equivalent for 1-2 course components of a full Masters course load. Of course, that would also depend on which Masters you choose.
I am preparing for my CISSP exam and also I started my master studies this year. HCI masters program is not directly related to security so it is not helpful for passing CISSP exam, but it provide much wider knowledge about technology and society in general. I see this combo as a synergy. If masters program is defined as preparation for an exam and you already have the certificate then it looks like running in the lower league for me. I would recommend more challenging masters studies for you in this situation.
From my experience and discussions with HR personnel, a Bachelor's degree is generally considered the minimum for management-level positions. I have an Associate degree and my CISSP, and they said that the latter counts highly in terms of eligibility for technical positions (on part with a BS) but wouldn't suffice for management. However, HR didn't mention any higher-level degrees (Master's or higher) or how that weighs for a position.
I'd say if you're interested in pursuing senior management positions (especially executive level), a Master's might be something to consider just to help show an "well-rounded" background and familiarity across multiple aspects of both security and business.
Depending on your career aspirations, as one colleague has stated a Bachelor is the minimum standard required for many graduate or under graduates within my own organisation. From my own experience, of doing an MSc, Whereas a Bachelor's degree had a structured approach, and studying was related text books, particular principles - I did a BA via the Open University the hard way, because I was traveling frequently. I found the MSc level was challenging, and it really made me think, and learn how to structure arguments effectively, especially when the readership was my own management within my organisation. In a sense, the CISSP is an artificial world, to ensure you know how to apply the principles to your everyday activities, very structured, but you still have to apply your own experience to complete it. Whereas a higher degree, teaches you to carry out research, make decisions based on the information being gathered, the source and whether there was an inherent bias within it. You then applied that learning directly to your own thinking, in a structured manner and argued ones cases whether it was for a particular case or against it. You had to validate and structure ones arguments and stand behind them and apply that learning to every day activities, it was certainly for me a period of self development, and vast learning experience.
As long as you have work, life and balance, you can achieve many things - but don't neglect those around you, as you become more and more focused on the MSc experience, especially on the final thesis etc.