top of page

Why The CISSP Is Worth It

There are a few articles out there which talk about why the CISSP is not worth it, that it doesn't come with the hyped up job promotions or salary, or that a piece of paper doesn't make you a real security professional.

Okay cool, everyone is entitled to their opinion. I'm sure they are great articles.

It's just that not all of us are getting the certification for financial gain. Some of us just want to better ourselves to keep up with our profession.

Some of us don't go home after work and read spy novels or scroll through Instagram.

Instead we opt for Sybex CISSP 7th Edition, CCNA ICND2, Blue Team Field Manual, The TCP/IP Guide, Python For Dummies, AWS Solutions Architect Official Guide, firewall admin guides, or Alan Turing: The Enigma.

Some of us go home and read the books that relate to our job function, to try to become a better security professional, to try and become an expert at our jobs so we earn the respect of our peers and make our kids proud.

If you want to know why the CISSP is worth it, I point out a few old and new reasons below. I hope it helps.

Why The CISSP Is Worth It

  • If you want job security, the CISSP is worth it. Your resume will shoot to the top of Dice or LinkedIn when recruiters look for security professionals.

  • If you want to spend more time with your family, the CISSP is worth it. How? I negotiated the ability to work from home twice a week with my employer after attaining the CISSP. Hey, they needed me, and I needed to be with my family, we came to an agreement.

  • If you lose your job and need to get another job fast before your mortgage is due, then the CISSP is worth it.

  • Frankly, if you are CISSP, then you have already met the direct security experience requirement and probably wouldn't have that tough of a time to find a job in this industry. The certificate is just meant to open the right doors. You have to work even harder after you get the CISSP.

  • If you are 100% qualified for a high-paying job, but one of the requirements is that you have a CISSP, you don't have to worry about a missed opportunity because you didn't have something.

  • If you want to be part of a global community of security professionals, okay maybe you don't need the CISSP, but it helps!

  • There was so much I didn't know about security before studying for the CISSP. While studying I learned about polyinstantiation, referential integrity, known-plaintext attacks, or one-time pads. I learned the power of mathematics while studying about Diffie-Hellman, the importance of encryption throughout history, the meaning of data remanence, or the different types of fires and how to best extinguish them. Studying for the CISSP, even if you don't pass, helps you correlate the many facets of security, and how they all relate to each other.

  • If someone tells you that the CISSP isn't worth it, then simply ask them if they know what all goes into a BCP/DRP's Business Impact Analysis. Their answer will equate to the value of their opinion about the CISSP.

  • It's such a great feeling to sit with my friends, one of which is a Marine, the other an FBI agent, and the other a doctor. I could talk about smart tokens with the Marine, the value of encryption with the FBI agent, or HIPAA measures with the doctor. I could talk about security with each one of them even though they were all in different career fields.

  • But the thing is, none of them could talk to me about my job as a network security engineer. They just didn't have a clue. It's really something when you can relate a little bit to everyone else's job, but they don't know the first thing about yours. You truly feel like you are in a unique profession meant for unique individuals.

  • I mean this security thing isn't a job, it's a commitment.

  • And if you want to prove something silly to yourself, like how it feels to put in hard work and dedication to accomplish a goal, and then actually pulling it off against all odds...the CISSP can help with bringing about that feeling of accomplishment.

  • If you want to stop yourself from constantly needing motivation, but instead cultivating discipline that will follow you for the rest of your life, the CISSP is worth it. The CISSP is not for those who need constant motivation.

But if you're the kind of person that needs just a bit of financial motivation, then this was my life before and after obtaining the CISSP.

Before CISSP

Car: 2003 Nissan 350Z

Residence: Apartment near Washington D.C.

Job Titles: Systems Administrator, Security Administrator, Security Engineer

Salary: Far below six figures


Car: 2015 C300 Mercedes-Benz

Residence: House in the suburbs of Virginia

Job Titles: Tier 2 Security Engineer, Senior Security Engineer, Team Lead

Salary: Six-figures

Those who say that CISSP isn't worth it, they probably don't know anybody personally who has passed and changed their entire life.

If you don't know someone like that either, then just contact me at luke[at]studynotesandtheory[dot]com. I'll tell you all about the people who have changed their lives financially, professionally, and psychologically. You can read some of their stories by clicking here.

Disclaimer: I sell a subscription service on this site where if you pay me, I provide videos, practice questions, Telegram group membership, and study notes to help you crack the CISSP. So it is probably in MY best interest for you to study for the CISSP and hopefully subscribe to my site.

But I promise you, with everything in the name of integrity and professional courtesy, that is not why I wrote this article.

Thanks for reading.


bottom of page