cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cindelicato
Contributor I

Is a Masters Degree necessary after earning CISSP?

I have reviewed a few Masters Degree programs from online universities, and have noted the frequent benefit listed is prepping for CISSP. 

 

Does this mean holders of a CISSP have already accomplished what (at least) some Masters programs provide?

19 Replies
Harlekwin
Reader I

Hi Charles,

The simple answer (IMHO) is “no” but it will perhaps mark you out in a crowd.
However, what you get out of a Masters is entirely up to you. Also, like any qualification it is up to YOU what you make of it.

One of the greatest values is being exposed to a world that few of us have experienced for many years, perhaps decades, perhaps even never before: academia. That experience will put you in good stead and drive new ways of problem solving or analysis.

Level 7 (UK) courses, like Masteers Degrees, very specifically require the student to the vast amount of work. You’ll be given some directed reading and such but you’ll need to research and learn topics on your own, almost unaided.

An extreme technician may find academia stifling or annoying. Academia often lags significantly behind industry standards and dramatically behind current threats. But that does not make it worthless by any means.

If you choose to do a Masters-by-research then that is a different beast (for which I cannot comment). But in a taught-Masters the real pleasure comes from your choice of final project, your dissertation, and your final defence. Get this right and you’ll carry it with you with immense pride.

One final note. You absolutely need to have the backing of your family, friends and employer (especially your employer). Unless you are fortunate enough to be able to do a Masters full time the demands are extreme - often significantly more demanding than you job. I found myself taking holidays and so forth to get the research and write ups and so forth completed.

BUT (to repeat) - the pleasure and reward of getting the project, dissertation, and final defence nailed is immense. Get this right and it is something you can justifiably be proud of in the years to come.

And also, the CPE benefits should not be discounted.

My very path has been CEH >> Security+ >< CISSP >> MSc. Made sense to me.

Enjoy and good luck, Charles, whatever you choose to do.
—Nigel
cindelicato
Contributor I

Thank you, Kimber; your posts have brought me necessary clarity.

cindelicato
Contributor I

Thanks, Newcomer.   

 

I think you are absolutely correct; I did a cursory search of Masters programs and found more than a few that focused on the CISSP, so I lept to my conclusion.

 

I have no plans at this stage of my life/career to pursue a Masters, but I appreciate your input.

cindelicato
Contributor I

Thanks Matthew,  I will certainly consider your input if I do pursue a Masters.

cindelicato
Contributor I

Caute,

 

Thank you for your detailed description of a Masters program.

 

It is certainly food for thought.

cindelicato
Contributor I

Nigel,

Your response is compelling, indeed; at this point in my life/career I do not believe I will pursue a Masters anytime soon. But if that ever changes, I will revisit this post (already saved to my cloud storage) before I pull the trigger.

Thank you
rslade
Influencer II

> cindelicato (Newcomer II) posted a new topic in Career on 09-23-2018 11:14 AM in

> I have reviewed a few Masters Degree programs from online universities, and have
> noted the frequent benefit listed is prepping for CISSP.

Since ISC2 has done such a good job of putting together a comprehensive CBK, a lot of courses and degree programs use it to structure their syllabus or curriculum.   Thus, taking a program that does cover the CBK means you should be prepared (aside from the experience requirement).

>    Does this mean
> holders of a CISSP have already accomplished what (at least) some Masters
> programs provide?

It's possibly going a bit too far to say that, but, partly.  It will (or should) broaden your horizons (as should a good university program).


............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
CraginS
Defender I


@cindelicato wrote:

I have reviewed a few Masters Degree programs from online universities, and have noted the frequent benefit listed is prepping for CISSP. 


Charles,

No, a master's degree is not a specific requirement after attaining a CISSP. However, there may be other career development reasons to pursue such a degree.

 

First, if you read the program and course descriptions of the many master's degree programs in information security, information assurance, or cybersecurity, you will notice that many of them are designed to help folks with no security experience shift their careers into the infosec realm. If you have earned your CISSP, you are already there. 

As Grandpa @rslade pointed out, using the complete CBK domain set to design a grad program curriculum is a darn good way to cover all the bases. Consider that a five or six day cram course can prep you for the exam. Now think about how deep your learning will be in a program that devotes a full semester course to each domain. If a student had not been ready for the exam before the program, that student should be quite ready after completing all the courses.

 

Next, many experienced infosec workers who have had a CISSP for years do go back and complete one of those infosec master's degrees. I have a good friend and colleague who did so just a few years ago. The advantage of that sequence is that someone with deep knowledge in only a few of the domains will leave the degree in hand and aa much more complete understanding of the breadth of the infosec world. That person is much more ready to move into the security management positions (wanna be a CISO someday?) than the world's best hacker or pen tster or OS hardener. 

 

Oh, and all of those course hours count as CPE hours! You should have seen how many CPE units I claimed during my three years of infosec grad school.

 

Good luck on planning the right development progra for yourself in our field.

 

 

 

 

D. Cragin Shelton, DSc
Dr.Cragin@iCloud.com
My Blog
My LinkeDin Profile
My Community Posts
CISOScott
Community Champion

They both have separate objectives.

CISSP shows knowledge of a wide range of information related to Cyber Security.

A Masters degree is supposed to help you understand more than cyber security.

To me the CISSP helped me understand how to explain my craft, the Master's helped me explain it in business terms the C-suite would understand.

If you have any desires to get into the C-Suite (CISO, CIO, etc.) I would advise taking a Master's course.

cindelicato
Contributor I

Dr. Shelton,

Thank you for your insight; I will keep it in mind for my future endeavors.