I have both and what I would say is CISSP is harder because it covers more and CCSP just mainly focus on the cloud. So it's up to you, are you the type that like to tackle the hardest first or start with the easier one and then go for the harder one? Everyone is different so it's more about a little inflection.
I am thinking about take both the CISSP and the CCSP, but I do not know which one to take first. I already have my Sec+ and I want to start building my career in sec. I also would like to take the CCSK
Good idea to consider your options. Here are aspects to consider.
1. Do you have a target area for job searches? If so, which of those certifications show up in job announcements?
2. Do you have the necessary experience to qualify for certification when you pass the exam for either? Both?
3. Because it has been around decades longer, and supported by the longstanding "gold standard" marketing campaign, CISSP is much more widely recognized by HR recruiters.
5. Because CISSP s a broad security management certification, while the CCSP is specifically focused only on cloud security, having the CISSP opens many more doors for a wider variety of job considerations.
Good luck! Excellent to be looking at building both your knowledge and your credentials for a career in infosec.
I am thinking about the CISSP because it doesn't focus on just one area like the CCSP. Is 3 months enough time to study and pass the exam?
... Is 3 months enough time to study and pass the exam?
That depends on what you study and how you study, including how much time per day and week.
1. I spent two years studying before taking the exam. Passed with no worries, and was confident I really new the material.
2. Many people pass the exam after a five or six day intensive cram course either from (ISC)2 or other training organizations.
I am pretty sure that six months after the exam I knew a LOT more about the many domains than most of those cram course grads did a week after their exam.
If you are determined, you can study and do the exam within that time frame. I studied 7-9 hours a day and 12+ hours on the weekends when I studied for the CISSP. I did that for 7 weeks and did the bootcamp for 1 week. Bootcamp closed knowledge gap which was only about 5-7%
I say do the CISSP first. This will help lay the foundation of that general security knowledge that you would build on when you go for the CCSP. It's not automagic once you pass the CISSP, but rather understanding on what and how to build knowledge in those security domains. I also have both the CISSP and CCSP and know where they both complement each other.
Good luck on your journey!
I agree with this, CISSP is the first one to go for IMHO. Personally i felt a lot more prepared for the CCSP with the CISSP under my belt, not sure i'd have felt the same if i'd done them the other way round.Also, assuming you meet the requirements of the experience for the CISSP, you have no addition worries with the CCSP, in that regard.
Look at the marketability of each certification and how each reflects your skill level.
The CCSP (capital letters) reflects on your ability to understand cloud based security. Though cloud has been around for years, most security practitioners still haven't figured out how cloud based security really works or does not work. We still see billions of compromises a year. Here the CCSP helps identify and evaluate those weaknesses.
The CISSP is the most recognized and marketable certification by those outside of the security practice but is also the most misunderstood security certification out there. The CISSP requires up to 5 years of security practice or four with a bachelor's. Though too many people lacking experience have completed the exam, becomes all to apparent when they hit the field level they don't have the abilities to perform the security related tasks and fail. I know this because I have had to fire too many "CISSPs" that lacked any skill outside of a paper cert. Not sorry. I know this is the ISC(2) board but that is the hard cold truth of it.
Often referred to as being "a mile wide and an inch deep", the CISSP covers a great number of topics but often only superficially. That's by design and should not be confused with deep expertise in any one field but a broad understanding of security concepts.
Obtaining both certifications is great. Both certs have there advantages in the marketplace but only if they help document your experience and not as a replacement for experience or expertise.
Good luck and choose wisely.