This article can also be found in the Premium Editorial Download "Information Security magazine: Spotlight on the incident response hot seat."

Download it now to read this article plus other related content.

The retiring (ISC)2 CEO discusses the CISSP's progress and future.

For five years, James E. Duffy has been the face of (ISC)2 and its vaunted CISSP certification. As he passes into retirement, the CEO and president of the security certification body reflects on the expansion of the CISSP's ranks to more than 33,000 worldwide and where the gold standard of security certifications should go in the future.

Retirement is a time for reflection. How will you reflect on your (ISC)2 tenure?
I certainly will look back with pride that, under my leadership, we've grown from a small community that was primarily U.S.-centric to a strong, well-respected international certification. We've reached a point where companies make hiring decisions based on the CISSP certification. I'm also very proud of our international growth. When I took over, we had 300 CISSPs outside the U.S. That number has grown to more than 12,000 in 110 countries. I've worked very hard to build alliances around the world.

With such rapid growth in the CISSP ranks, is there a concern of watering down the certification's importance or prestige?
We have just touched the surface of the information security practitioner population. Our workforce study determined that there are 1.3 million information security practitioners around the world. Let's say 10 percent show interest in becoming a CISSP; that's only 130,000. We've only scratched the surface.

    Requires Free Membership to View

What shape is the CISSP in today, and what work remains to be done?
The CISSP is in the best shape it's been in--not that it was ever in bad shape. We still need to increase the rigor, offer it in more languages and promote the certification concentrations, such as the Information Systems Security Architecture Professional (ISSAP) and Information Systems Security Management Professional (ISSMP). (ISC)2 must also focus on constituent services. This year, for the first time, we will recertify more people than we will certify. We must continue to inform practitioners of the value of having the cert to make them want to retain it.

Study for the CISSP exam with our free online course at searchsecurity.com/CISSPessentials.

This was first published in March 2005

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: