What is the GISP certification and how does it compare to the CISSP certification?

In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about scenarios when the GISP might be appropriate and how industry-relevant it may be.

Mike Rothman, Securosis

Honestly, I didn't know what the GISP certification was prior to this question, so thanks for forcing me to broaden my horizons a bit. The GISP certification comes from the SANS institute and is analogous to the (ISC)2's CISSP certification. Both are termed "intermediate"-level certifications and indicate a broad (though not necessarily deep) understanding of information security topics.

In fact, SANS offers a training course specifically for the CISSP exam that can also be used to prepare for the...

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

GISP test. Since there is a lot more name recognition for the CISSP (as opposed to the GISP), why bother with the GISP?

The only time it's worthwhile to consider the GISP is if you can't qualify for a CISSP, which usually means a lack of experience. The CISSP requires four years of relevant work experience, which a lot of people may not have. Thus the GISP becomes a potential substitute, for a couple of years anyway.

Though as I've written many times in the past, certifications don't necessarily indicate competence.

More information:

Check out the SearchSecurity.com guide to information security certifications.
Security certifications: Are they worth the trouble? Read more.

This was last published in October 2008

Dig Deeper on Information security certifications, training and jobs

Related Q&A from Mike Rothman

How to prevent software piracy

Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading

What are the roles and responsibilities of a liaison officer?

While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them ... Continue Reading

What's the best career path to get CISSP certified?

The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ... Continue Reading

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Information Security experts

View all Information Security questions and answers

SearchCloudSecurity

Google Cloud security gets boost with Secret Manager

Google Cloud's new Secret Manager service augments its cloud security capabilities with an eye toward the needs of DevOps teams.

Microsoft misconfiguration exposed 250M customer service records

Microsoft exposed 250 million customer support records on five Elasticsearch servers that had misconfigured Azure security rules,...

Lyft's open source asset tracking tool simplifies security

Security teams need information and context about data in order to keep it safe. Learn how Cartography, Lyft's open source asset ...

SearchNetworking

Build a source of truth into your network automation strategy

Many network automation approaches rely on a source of truth repository to provide data on network behavior. But building this ...

SD-WAN explained: The ultimate guide to SD-WAN architecture

Evaluating SD-WAN architecture can be confusing, especially as the market grows. This guide helps IT pros learn SD-WAN basics, ...

VMware acquisition of Nyansa combines LAN, WAN analytics

The VMware acquisition of Nyansa is expected to provide network traffic analytics that cover the SD-WAN and the wired and ...

SearchCIO

How IoT, 5G, RPA and AI are opening doors to cybersecurity threats

In the second part of a series on CIOs preparing for cyberthreats in 2020, we look at how emerging technologies like IoT and the ...

Preparing for the new forms of cybersecurity threats in 2020

In the first part of a series on the new forms of cyberthreats in 2020, we're diving into the many infiltration points being ...

What is the state of CIO tenure today?

CIO tenure remains significantly lower than other C-suite positions, and according to experts, it's a result of the age of ...

SearchEnterpriseDesktop

Windows 7 sunset gives PC market a boost in 2019

Does the growth of the PC market in 2019 reflect an increased appetite for the devices? Experts discuss the PC's role in the ...

EG Enterprise v7 focuses on usability, user experience monitoring

New features in EG Enterprise v7, set to launch soon, enable simulated and real user monitoring, automated diagnosis and new ...

Managing Windows Defender Device Guard in Windows desktops

IT pros must understand how Windows Defender Device Guard uses a locked-down approach to desktop security and how this method ...

SearchCloudComputing

A look at AWS antipatterns: What not to do in the cloud

In this Q&A, Clive Harber, co-author of "Implementing Cloud Design Patterns for AWS," breaks down why traditional enterprises ...

5 cloud database comparison tips to guide your data strategy

Catch up on these tips that compare the strengths, weakness and available integrations of popular public cloud database and ...

Reduce cloud latency for remote employees and offices

Latency remains an issue for cloud users with remote facilities. See how SD-WAN and satellites can improve network performance ...

ComputerWeekly.com

Interpol uncovers cyber crime operation in Indonesia

An Interpol-coordinated cyber operation leads to the arrest of three people in Indonesia who alleged used a JavaScript-sniffer ...

UK in catch-22 decision over Huawei security

The UK’s final decision on whether to permit mobile operators to use Huawei equipment is expected imminently, and its decision ...

LV= rolls out smart speaker skill

General insurance firm says customers will receive answers to commonly asked questions by invoking the skill on Alexa or Google ...

What CISO certifications are the most important to have?

CASP certification: Does CompTIA's security certification offer value?

Certification Central - CISSP®

ISACA's risk management certification makes its entry

Please create a username to comment.