CISSP vs CISM
I am entrant into the security field, I know there are very great people here. I would like to have your opinion on CISSP vs CISM certifications, so that many new people like me know which to do first and strength and weakness of each.
Please help us.
if you are new to the security field maybe you should consider a lower level cert first. Maybe go with the cisco line of security certs?
If you are a true "entrant" then you won't be able to obtain either of these certs. The CISSP requires 3 years + a college degree, or 4 years of experience in one of the domains in the common bodies of knowledge (CBK) whereas the CISM requires 5 years of experience. I haven't dealt much with the CISM as I believe the CISSP is a more accepted cert.
go for ISCē CISSP ..best of the best
I didn't want to start a new thread hence i am asking my question here. I am still 2 years from achiving my bachelors degree in commerce and hence i am not eligible for CISSP or CISM now. Moreover I am sure my level of knowledge in Computer security is no where near to what is required to achive CISSP or CISM so I am planning to get following certs before I get my Bachelors degree.
I am plannig to go the following way.
1. Get Security A+ cert
2. Get CCNA cert
3. Get MCSE in windows 2003 Server with security as my specialization.
Then I plan to do my MBA in IT/systems. After all this I plan to get CISSP and then CISM. I am also looking to get some vendor specific certs like from Cisco or checkpoint.
Anybody thinks i should go around a diffrent path or get diffrent certs ?
The CISSP and the CISM are quite different.
The CISSP is more for generalist consultants while the CISM is management specific. Both require verifiable experience and may require a background check. (depending on your luck)
Of the two, the CISM is significantly more difficult to achieve and although it is less widely known... it is more respected and will land you a higher paying job.
I have both of these certifications and would be glad to answer any specific questions about either.
Being new to the security field, both of these certifications, especially the CISM (requiring six years of InfoSec management or five years plus a CISSP last I checked) are well beyond anything you should focus on for some time.
So catch do you think the certs i mentioned will help me professionally ?
Hmm... the MBA would be far better, so long as it is from a real school.
After that your other certs beside CISSP and CISM are pretty moot. That said every little bit helps, I just doubt they'd be worth the money.
Okay I really appriciate your answere but I just want to conform it and also get a clear picture.
I am from India and I am planning to do MBA from IIM (I am not sure if you have heard of it.) but I just want to know how much will the above certs add to my knowledge and income when i complete my MBA.
I hope i am clear here, what i am trying to ask here is how much will above certs (including CISSP and CISM) add to my chances of getting a job at a higher level ?.
Thank you again for your input.
I don't think you understand the certs.
You have to ALREADY have a job (or have had one) to even qualify for the certs. The CISM for example requires roughly a half decade as an information security manager under your belt. The CISSP is less demanding, but you must also already have an infosec job.
I guess to answer your question, they are helpful... but not in getting that job right out of college.