cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cindelicato
Contributor I

Is a Masters Degree necessary after earning CISSP?

I have reviewed a few Masters Degree programs from online universities, and have noted the frequent benefit listed is prepping for CISSP. 

 

Does this mean holders of a CISSP have already accomplished what (at least) some Masters programs provide?

19 Replies
kimberdray
Newcomer II

Hi,

 

I would not directly associate a Masters program with CISSP. This ISC2 page is a good resource for information specific to earning a CISSP:

 

https://www.isc2.org/Certifications/CISSP

 

Have a look at the "Who Earns the CISSP Certification?" section.

 

Qualifying and successfully completing this certification is based on your verified and endorsed experience and knowledge across all of the CISSP domains.

 

There are many career paths that lead to this certification.

 

Kimber

cindelicato
Contributor I

Kimber,

I believe I haven't been clear. I have already earned my CISSP, and was looking into earning a Masters Degree, but found more than a few programs that seemed to prepare students for the CISSP. So I am asking whether a Masters is even worth pursuing if I already have a CISSP.

Thanks for the response.
kimberdray
Newcomer II

The requirement for a Masters is specific to the job role you are seeking and the industry you are in.

 

I know that's not a great answer but if I consider all of the information security professionals that I know and even the job descriptions in this industry, I am not seeing this as a requirement or even an increased likelihood of employment.

 

There are many industries that would put higher emphasis on say an MBA/MPA for any senior leadership positions with managerial roles. You may even find some salary grids that directly correlate to the addition of a Masters.  

 

I do suggest that this is evolving as the industry attempts to sort out some questions about standardization of qualifications.

 

If your career experience has been more technical in nature and less business/soft skill developed then perhaps a Masters would be appropriate. 

 

With the rising emphasis and need for CISO/CIOs role to have direct communications with Executive Boards on topics related to cybersecurity, risk, etc. managerial experience complimented with a Masters would likely enhance any information security training, experience and certification that you have.

 

It's my personal opinion that practical experience, coaching and mentorships are the better value for success in these areas.

 

 

 

 

kimberdray
Newcomer II

There is another thread here focusing on the availability and choice of Masters programs as well: https://community.isc2.org/t5/Career/Good-and-suitable-Cyber-security-masters-degree-online/m-p/8747...

Daniel-Nash1
Newcomer III

I earned my second masters in Information Assurance/Security before earning my CISSP.  Accredited programs help in experience toward your certification along with the experience of doing relevant research in the field.  I would say the experience helped - though I also practice and teach IT security for networking and computer science professionals.

I don't see earning a Masters degree as essential to getting certified, though I believe it will help your career overall.

kimberdray
Newcomer II

Tough to statistical show what percentage of CISSP may apply to a Masters but from some of those programs I have reviewed, it appears as if the CISSP cert. may be a challenge equivalent for 1-2 course components of a full Masters course load. Of course, that would also depend on which Masters you choose.

ro83
Newcomer III

I am preparing for my CISSP exam and also I started my master studies this year. HCI masters program is not directly related to security so it is not helpful for passing CISSP exam, but it provide much wider knowledge about technology and society in general. I see this combo as a synergy. If masters program is defined as preparation for an exam and you already have the certificate then it looks like running in the lower league for me. I would recommend more challenging masters studies for you in this situation.

Matthew_Stiles
Reader I

From my experience and discussions with HR personnel, a Bachelor's degree is generally considered the minimum for management-level positions.  I have an Associate degree and my CISSP, and they said that the latter counts highly in terms of eligibility for technical positions (on part with a BS) but wouldn't suffice for management.  However, HR didn't mention any higher-level degrees (Master's or higher) or how that weighs for a position.

 

I'd say if you're interested in pursuing senior management positions (especially executive level), a Master's might be something to consider just to help show an "well-rounded" background and familiarity across multiple aspects of both security and business.

Caute_cautim
Community Champion

Depending on your career aspirations, as one colleague has stated a Bachelor is the minimum standard required for many graduate or under graduates within my own organisation.   From my own experience, of doing an MSc, Whereas a Bachelor's degree had a structured approach, and studying was related text books, particular principles - I did a BA via the Open University the hard way, because I was traveling frequently.   I found the MSc level was challenging, and it really made me think, and learn how to structure arguments effectively, especially when the readership was my own management within my organisation.   In a sense, the CISSP is an artificial world, to ensure you know how to apply the principles to your everyday activities, very structured, but you still have to apply your own experience to complete it.   Whereas a higher degree, teaches you to carry out research, make decisions based on the information being gathered, the source and whether there was an inherent bias within it.  You then applied that learning directly to your own thinking, in a structured manner and argued ones cases whether it was for a particular case or against it.  You had to validate and structure ones arguments and stand behind them and apply that learning to every day activities, it was certainly for me a period of self development, and vast learning experience.  

 

As long as you have work, life and balance, you can achieve many things - but don't neglect those around you, as you become more and more focused on the MSc experience, especially on the final thesis etc.

 

Regards

 

Caute_cautim