How good is CISSP as a security certification? Does it have the recognition of the industry?
Those in the know have told me, and my own observations verify, that the CISSP is a bit behind the times in terms of the currency of technologies and issues that it covers (for example, there's relatively little discussion of wireless security vulnerabilities and issues, even though these are well-known and well-documented by now). That said, the CISSP remains the best-recognized and most frequently requested infosec certification by name in IT job postings and classified advertisements. The parent group, the ISC-squared, is working valiantly to shorten update cycles and to make the content more current (and succeeding reasonably well).
Thus, I can recommend pursuing a CISSP as a reasonable strategy if infosec certification is among your career goals. You can always add more specific (Cisco, SANS, CheckPoint, etc.) certs to your collection or pursue the more senior security certs like the CISA, CPP, PSP, etc. later on down the road.
For more information on this topic, visit these other SearchSecurity.com resources:
Ask the Expert: Passing grade and study preparation for CISSP
Careers and Certification Tip: The CISSP
Ask the Expert: The ten areas of the CISSP Common Body of Knowledge
This was first published in October 2002