Certified Information Systems Security Professional (CISSP®)
Cisco's certification program is excellent.
Is the CISSP a good cert to have? Absolutely!
The most valuable certification is the Certified Information Systems Security Professional (CISSP). It means you have a good understanding of the 10 bodies of the CBK; combining that with real-world experience will give you a stronger foundation than most people in the field.
Experience is required. Yes. Experience is required for the CISSP.
Well, the CISSP is certainly recognized in the applicable field.
Having a CISSP certification is more than an HR thing.
What are your plans? Why do you, or why do you not, pursue the CISSP?
The CISSP was never meant to be a test of someone's technical skills; it's meant to show that the owner has a high-level understanding of security in general. It does not denote technical knowledge, something many of the owners of the CISSP forget, as do most of the people viewing it from the outside. The CISSP in no way measures technical skills; rather, it is a measure of knowledge of security principles.
If you're expecting technical expertise, look for CCNA, CCSP, CCIE or CEH. Unfortunately, most of those aren't nearly as readily recognized by HR departments as being 'security certificates', for better or worse!
CISSP is a nice start for someone just gaining credibility and looking to move on up. Something like a Security+ or Network+ is just not the same...
The CISSP does not go deep into concepts, but it is highly recognized around the world and certifies that you have a base. The same happens with every certification: there are people who take it but don't really understand the concepts; however, you have to have a fairly deep technical understanding to pass the exam. The CISSP is all about those who can link business needs and technical capabilities together.
In the realm of information security and technical safeguards we have to understand the real problems, the real risks, the real threats. The biggest failure in the industry right now is having geeks think they are information security professionals. It is rather sad to see a person with an A+ or Cisco Security cert applying qualitative risk analysis to decide which assets need to be protected, and to what degree. They fail miserably because they were taught that security was a technical problem, and not a business one.
The weakness of a certification based entirely on theory without practice:
Theory is worthless in security and risk management; you can't manage risk by simply being a high-level person. The CISSP does not measure practical skills or practical experience, in a field that is all about practice. Too bad the CISSP doesn't require a practical.
SANS seems to have it right. You have to prove competence via practical effort. The GSE is an excellent example of that.
But this doesn't mean that you should not go for it. You should, but first try to get some of the technical certifications from Microsoft, Cisco, etc.; then it will be worth more to you.
MCP > MCSE > CCNA > CEH > CCSP > CISSP, along with any others such as MCA…
Best of luck if you are taking this exam!

I actually enjoyed reading through this posting. Many thanks.