Certified in Cybersecurity of (ISC)² and (ISC)² Candidateship

Posted on November 21, 2022 • 3 minutes • 428 words

Table of contents

International Information Systems Security Certification Consortium - (ISC)²
It has five different domains:
Membership and Candidateship
Continuing Professional Education (CPE)

International Information Systems Security Certification Consortium - (ISC)²

(ISC)² is an international certification association for information security professionals that was founded in 1989. Its main certifications are SSCP (Systems Security Certified Practitioner) and CISSP (Certified Information Systems Security Professional.) (ISC)² Official Website

In 2022, they launched a new entry-level certification that doesn’t require professional working experience: 'Certified in Cybersecurity - CC'

It has five different domains:

26% - Security Principles
10% - Business Continuity (BC), Disaster Recovery (DR) & Incident Response Concepts
22% - Access Controls Concepts
24% - Network Security
18% - Security Operations

At the same time, another campaign is launched to help increase the global cybersecurity workforce: “One Million FREE (ISC)² Certified in Cybersecurity℠ Courses and Exams. "

With that campaign, the learners don’t pay the exam fee and access official self-paced online learning materials. There are some other learning options as well.

Membership and Candidateship

Before the candidate-ship, obtaining certification was the only way to be a member of (ISC)². Starting this year, learners without an (ISC)² certificate have begun to become (ISC)² Candidate and get some benefits, including that free access to the self-paced learning material and an exam voucher for CC.

To obtain CC, learners may take the official learning materials, register for an exam via Pearson VUE, and physically take it in an accredited test center. The preliminary result is given at the end of the exam. After that, an online endorsement application is made by submitting an online form. Lastly, a payment of USD50 for the first year annual maintenance fee should be paid.

It is suitable for people to enter the field, but the official learning materials may not be enough to cover all aspects of the exam domains. Obtaining IBM Cybersecurity Professional Certificate on Coursera was helpful in understanding and having more confidence while answering the CC exam.

Continuing Professional Education (CPE)

Last but not least, after the certification, “As an (ISC)² credential holder, you are required to earn Continuing Professional Education (CPE) credits to remain a member-in-good standing.”

That means the holders should continue to learn about the field and industry. The information security field is one of the best cases for the life-long learning concept. You lose the game if you don’t learn the new attack vectors. According to some research, attackers also use the newly discovered common enumeration of vulnerabilities (CVEs) after the minutes of their disclosure.

I also would like to thank Carla Jenkins. She has shared her story of the certification on her website. That is her Youtube Channel which covers IT topics.