The CISSP is the Gold Standard in the Cybersecurity industry. There are plenty of additional resources to assist in passing the exam. First, “Think Like A Manager” by Luke Ahmed is an excellent resource. This book helps readers learn to think big picture when answering questions instead of attempting to solve the problem. The CISSP is not a technical exam, instead it requires you to think like a manager. Check out Luke’s book here. To get you in the right mindset, check out Kelly Handerhan’s “Why you will pass the CISSP” video on YouTube here.

(ISC)²  has additional certification paths and continuing education called  CISSP Concentrations and Skill Builders respectively. See more detail below.

Skill Builders

(ISC)² Skill Builders are a suite of professional development courses designed to help cybersecurity professionals expand their knowledge and skills in specific areas. These offerings include:

• Self-Paced Learning: Online courses that cover a wide range of cybersecurity topics, allowing professionals to learn at their own pace.
• Lab Exercises: Hands-on labs provide practical experience with real-world scenarios, helping to deepen understanding and application of cybersecurity principles.
• Express Learning Courses: These are short courses focused on specific cybersecurity topics, trends, or threats, designed for quick learning on the go.

Skill Builders cover various topics, from foundational cybersecurity knowledge to advanced skills, ensuring that professionals at all levels can find resources to advance their careers.

CISSP Concentrations

For those who have already achieved the Certified Information Systems Security Professional (CISSP) certification, (ISC)² offers three concentrations to specialize further in specific areas of interest within the field of information security:

1. CISSP-ISSAP (Information Systems Security Architecture Professional): Focuses on the architecture aspects of information security. Ideal for chief security architects and analysts, it covers areas like identity and access management, security operations architecture, and infrastructure security.
2. CISSP-ISSEP (Information Systems Security Engineering Professional): Developed in conjunction with the U.S. National Security Agency (NSA), this concentration focuses on the engineering aspects of information security. It is designed for systems engineers, security engineers, and those involved in the development and implementation of security systems and architectures.
3. CISSP-ISSMP (Information Systems Security Management Professional): Targets the management side of information security, including leadership, risk management, and project management. This concentration is suited for chief information officers, chief information security officers, and security managers who are responsible for establishing, presenting, and governing information security programs.