News Stay informed about the latest enterprise technology news and product updates.

From CCSP to CISSP: A look at (ISC)2 cybersecurity certifications

(ISC)2 recently partnered with the Cloud Security Alliance (CSA) to develop a new security certification specifically for cloud, the Certified Cloud Security Professional (CCSP) certification, and (ISC)2 executive director David Shearer had only good things to say about the experience.

"The industry is starting to collaborate more, which I think is a very healthy development," Shearer said. "Maybe two or three years ago we wouldn't have looked at the Cloud Security Alliance and (ISC)2 in the same space, but in working with them, we saw strengths that they had that were weaknesses for us."

In this interview at the 2015 RSA Conference -- where the two organizations introduced the new certification -- Shearer discussed the CCSP certification, as well as the gold standard among the security industry, the CISSP. While the value of the CISSP could falter with the movement to fill the hiring and skills gap plaguing the industry, Shearer isn't worried.

"CISSP has had a long-standing success rate. But frankly, (ISC)2 has a lot of other really, really good credentials. I think the success of the CISSP, to some degree, has dwarfed the other part of our portfolio," Shearer said. "We're extremely proud of CISSP, but I think there's a broader set of skills that are starting to emerge and we're making an attempt to fill the need to the best of our ability. We know we're not the only game in town; there are lots of other good organizations doing meaningful work in the space."

But with such a high demand for security talent -- that stands to grow for the foreseeable future -- could the CISSP become irrelevant? Shearer and (ISC)2 don't think so. "The CISSP is a pretty high bar; it's a long test, people aren't just passing that examination easily. I do think it's a differentiator within the industry." And according to Shearer, the skills gap and resulting demand for talent is "a big problem and (ISC)2 isn't going to solve it by ourselves. We're working with colleges and universities and other organizations. At the end of the day, it might be through their curriculum that they inspire a safe and secure cyberworld, which is our vision, but we're happy just to have a touch point in it or build momentum to drive it. It doesn't have to be all about (ISC)2."

View All Videos

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

Could the CCSP replace the CISSP?

I don't think you understand the question you are attempting to ask but they are two different disciplines from a security perspective. One deals with everything in house the other in the cloud. Vastly different animals, entirely.
Why given it a new synonym.  I think it can still be (CISSP), but by just expanding to the curriculum would be an ideal way to handle that...  If you kept changing the name, then more processional could get confused.  For an example, Take Project Management Professional (PMP) which has got a long stand in information technology arena.. The environment and data kept changing, but the professional title stays the same.