Is the CISSP Certification Worth It? Requirements, Exam Costs, and Salary

The average base salary for someone with a CISSP certification is $127,000. Find out if the CISSP certification is worth it by comparing exam costs with salary expectations.
By Jane Nam

Writer

Jane Nam is a staff writer for BestColleges' Data Center. Before her work on higher education data trends, Jane was a news writer and the managing editor for an academic journal. She has graduate degrees in social and political philosophy and women's...
Published on February 14, 2024
Edited by Lyss Welding

Editor & Writer

Lyss Welding is a higher education analyst and senior editor for BestColleges who specializes in translating massive data sets and finding statistics that matter to students. Lyss has worked in academic research, curriculum design, and program evalua...
Reviewed by Victoria Ivy Southall

Reviewer

Victoria Ivy Southall is a United States Navy Veteran, Cybersecurity Manager, and IT professional with over 13 years of extensive experience beginning at 17 years old as an IT/Cyber professional in the United States Navy. She holds a Bachelors of Sci...
Fact-checked by Marley Rose

www.bestcolleges.com is an advertising-supported site. Featured or trusted partner programs and all school search, finder, or match results are for schools that compensate us. This compensation does not influence our school rankings, resource guides, or other editorially-independent information published on this site.

Data Summary

  • To get the CISSP certification, candidates must have at least five years of work experience prior to taking the exam.[1]
  • The CISSP certification exam costs $749, and certified individuals must pay a $125 annual fee.[2]
  • The average base salary for someone with a CISSP certificate is $127,000 — about $50 an hour.[3]
  • Jobs in information security are projected to grow 32% from 2022 to 2023 — much faster than all other occupations (3%).[4]

The Certified Information Systems Security Professional (CISSP) certification proves you can design, implement, and manage large-scale cybersecurity systems. The CISSP certification is often considered the industry's gold standard — trusted and recognized worldwide by many government sectors and companies.[5]

If you're interested in furthering your career in cybersecurity, you may want to consider whether an advanced degree — such as a master's in information systems security — or a certification may be the most valuable.

This report covers an overview of the CISSP certification, including certification costs and requirements, projected salary, and the pros and cons of taking the exam.

CISSP Salary and Cost: What You Get for What You Pay

CISSP Costs

Preparing for the Exam: Roughly $1,000

Prospective test-takers should budget for exam prep costs, ranging anywhere from a few hundred to a few thousand dollars. Whether you decide to take a course or purchase self-study materials, make sure that you use the most up-to-date materials.

The nonprofit International Information System Security Certification Consortium (ISC2) runs the CISSP exam. ISC2 offers an online, instructor-led, self-paced training program that costs around $1,000.[6] ISC2 also offers an in-person, classroom-based course, taught by an authorized instructor.

However, ISC2 is not the only option. Many organizations have their own prep courses. ISC2 is also one of the most globally recognized accreditation companies, endorsed by industry, academic, and government authorities, including the U.S. Department of Defense (DoD).[5]

How much time you will need to prepare for the exam will depend on several factors, but 90-180 days may be a comfortable timeline for preparation.

Inside Scoop

Need-to-Knows Before Starting Your CISSP Journey

The CISSP certification is not for those just breaking into the computer and information security sector.

  • Candidates must have five or more years of overall work experience before taking the CISSP exam.
  • Candidates must also have relevant work experience in at least two of the eight domains covered on the exam.

CISSP Exam Cost: $750

The CISSP certification exam costs $749. It costs another $50 to reschedule and $100 to cancel.[2]

CISSP Renewal Requirements: $125 Plus Continuing Education Costs

Certified individuals must pay an annual $125 to ISC2.[7] They must also take 120 continuing professional education (CPE) credits every three years to meet the recertification requirements and maintain their credentials.

What should I expect in the CISSP exam?

The ISC2's CISSP exam is:

  • Four hours long
  • 125-175 questions
  • Only offered at designated test sites

Test takers must also score 70% or higher on the final assessment to pass.[8]

The exam covers eight domains:[9]

CISSP Exam Domains and Their Average Weight on Overall Score

Domain | Average Weight
Security and Risk Management | 15%
Asset Security | 10%
Security Architecture and Engineering | 13%
Communication and Network Security | 13%
Identity and Access Management (IAM) | 13%
Security Assessment and Testing | 12%
Security Operations | 13%
Software Development Security | 11%

Source: ISC2[10]

CISSP Salaries

According to Payscale, the average base salary for someone with a CISSP certification was $127,000 as of February 2024.[3]

Some of the jobs that showed the greatest percent increase in salary with the CISSP certification included security consultants (+26%), cyber security analysts (+24%), and information security analysts (+24%).

More Average Salaries for Cybersecurity Professionals With CISSP Certifications

Job Title | Average Salary | Average Salary With CISSP | Bump Rate
Cyber Security Analyst | $80,970 | $100,180 | +25%
Information Security Officer | $100,070 | $118,390 | +18%
Security Engineer | $100,290 | $114,030 | +14%
Information Security Manager | $125,250 | $130,040 | +4%
Information Technology (IT) Director | $125,490 | $136,530 | +9%
Solutions Architect | $126,540 | $148,210 | +17%
Security Architect (IT) | $137,960 | $148,180 | +7%

Based on 7,210 reports. Note that those who get the CISSP certification typically have more industry experience, which could also account for the higher salary.
Source: Payscale[3]

Did You Know...

Every military service member with privileged access to a Department of Defense system — regardless of specialty — must get a commercial certification credential accredited by the American National Standards Institute (ANSI).[11]

All of the ISC2 certifications meet the ANSI accreditation requirements.[11]

Projected Job Growth for Professionals with a CISSP

The Bureau of Labor Statistics (BLS) projects jobs in information security will grow 32% from 2022-2023 — much faster than other computer occupations (14%) and all other occupations overall (3%).[4]

This 32% bump translates to approximately 16,800 openings for information security analysts per year over the next decade.

Pros and Cons of Getting the CISSP Certification

Is the CISSP certification right for you? Preparing for and taking the CISSP exam is a hefty investment — in cost and time. Consider the following pros and cons.

Pros

  • The certification can help with marketability when looking for a new job, especially when the job market is tightening.
  • You can leverage the certification to increase your salary by referencing the market rate for folks with the certification or making the case that it meets a specific demand in your industry.
  • Personal growth — having a certification doesn't guarantee you a raise or a job, but, at the least, you can learn relevant skills to your role. It may even spark interest in alternative career paths.

Cons

  • Certifications are expensive. There are exam fees and annual membership fees. You typically want to have your company subsidize your education/certification.
  • Exams are tough and require hours of studying.
  • Certifications become outdated. After a few years you will need to take more exams or updated exams.

Will the CISSP Certification Help You Get Hired?

In the words of Casey Marks, ISC2's Chief Qualifications Officer, it can only help.

Why? Because the CISSP certification offers quantifiable credibility, setting a job candidate apart from the pack by signaling to prospective employers that they have the technical skills, experience, and ability to lead an organization's security program, Marks said.

She added that in contrast to another degree, the CISSP certification is the only credential that demonstrates to employers and the public that a cybersecurity practitioner is assessed against the highest professional standards and ongoing maintenance requirements in the industry.

Plus, since the certification is targeted toward those with at least five years of relevant work experience, Marks argued it can be a deciding factor for someone looking for a mid- to senior-level role.

We also spoke with individuals with the certification to see what they had to say about the value of their credential.

Fred Kim, a senior security program manager and recent hire, told BestColleges that their CISSP certification came up during the job interview process, but it wasn't necessarily the reason they were hired.

"I have definitely been asked about my certificates [in] my interviews," Kim said. "However, I don't believe I was selected based on my certificates. It was mainly about specific experiences and if I took the time to learn material that can be applied."

"It helped for sure, but it's only one out of many factors that get people hired," he added. "I also heard that some recruiters search for certificates in LinkedIn to weed out individuals for roles."

Ibrar Bashir, an IT cybersecurity specialist for the U.S. Department of Homeland Security, disagreed, saying that the CISSP certification did not help him get hired.

"[The CISSP certification] was not a factor in my current role nor my previous role," he said. "I don't see it helping me in future roles either."

While the certification did not land him his job, Bashir added that it was still "a good way to challenge myself and just get another industry standard under my belt."

Other Certifications in Cybersecurity

The CISSP is not the only cybersecurity certification. Depending on your experience and intended career path, it may make more sense for you to pursue another certification.

For example, the Certified in Cybersecurity (CC) certification is intended for entry- and junior-level positions. In contrast to the CISSP exam, the CC exam is two hours long and primarily graded on security principles (e.g., confidentiality, integrity, availability).[12]

More Cybersecurity Certifications

Certification | Required Work Experience
CC (Certified in Cybersecurity) | None
CCSP (Certified Cloud Security Professional) | 5+ Years
CISSP (Certified Information Systems Security Professional) | 5+ Years
CGRC (Governance, Risk, and Compliance) | 2 Years
ISSAP (Information Systems Security Architecture Professional) | CISSP + 2 Years, or 7 Years Cumulative
ISSEP (Information Systems Security Engineer Professional) | CISSP + 2 Years, or 7 Years Cumulative

Source: ISC2[1]



References

  1. ISC2 Cybersecurity Certifications. ISC2. Accessed February 2024.
  2. ISC2 Exam Pricing. ISC2. Accessed February 2024.
  3. Salary for Certification: Certified Information Systems Security Professional (CISSP). Payscale. February 2024.
  4. Information Security Analysts Job Outlook. Occupational Outlook Handbook. BLS. September 2023.
  5. Accreditations, Recognitions, Endorsements, and Awards. ISC2. Accessed February 2024.
  6. Online Training. ISC2. Accessed February 2024.
  7. Annual Maintenance Fees. ISC2. Accessed February 2024.
  8. FAQs. Security Administration and Operations Certificates. ISC2. Accessed February 2024.
  9. CISSP Quick Glance. ISC2. October 2023.
  10. CISSP Certification Exam Outline Summary. ISC2. Accessed February 2024.
  11. DoD Directive 8570.1. ISC2. Accessed February 2024.
  12. Certified in Cybersecurity Certification Exam Outline. ISC2. Accessed February 2024.
