https://www.infosecurity-magazine.com/news/cissp-equal-masters-degree
The Certified Information Systems Security Professional (CISSP) certification has been granted a qualification level equal to that of a master’s degree across Europe. The qualification was designated as comparable to Level 7 of the Regulated Qualifications Framework (RQF) by UK NARIC, the UK’s designated national agency responsible for providing information and expert guidance on qualifications from across the world.
Maybe of interest.
jaclaz
Wait, I can get a MS because I have a CISSP?
Either CISSP has become way more detailed then when I got it, or Masters degrees have been deprecated significantly.
How do I get it? 😀
By instinct, I would choose the second you said.
jaclaz
I haven't seen the specific decision made by NARIC (and can't seem to find it) but I think the wording given here by the journalists and/or ISC2 is somewhat confusing. There's no mention of weighting of the qualification, so the question I have to ask is "how much of a Masters degree is CISSP worth?". It isn;t necessarily worth a whole one.
To put it into context, a postgraduate certificate (PGCert/PGCE etc.) is "Masters level". As is a postraduate diploma (PGDip, DipPG etc.). They are NOT the same as an actual Masters degree.
A PGCert is 60 credits, a PGDip 120 credits, and a full Masters degree is (typically) 180 credits. They may have the depth, but not the breadth required.
Something can be "Masters level" and not be worth the same as a Masters degree. What matters is factors like the "academic rigour" (or more fundamentally, how hard it is). Level 7 of the QCF/RQF is "Masters level" but non-academic awards can be deemed equivalent if the level of study is viewed as equivalent.
I would really like to see how many credits NARIC think it is worth, as this would then allow CISSP to be used as partial credit towards completion of a Masters degree.
I also have no idea, but definitely level 7 RQF is Masters Degree:
https://en.wikipedia.org/wiki/National_qualifications_frameworks_in_the_United_Kingdom
And here is a "more official" source:
https://www.helpnetsecurity.com/2020/05/13/isc2-cissp-masters/
and - obviously - some critiques:
https://securityboulevard.com/2020/05/cissp-is-at-most-equivalent-to-a-2-year-associates-degree/
though I wonder where the level 11 in the above comes out from.
and the Author is not particularly politically correct talkinf of the CISSP.
Anyway, it seems like the ISC has cleared the details, sorry Jhup 🙁 :
https://blog.isc2.org/isc2_blog/2020/05/cissp-comparable-to-uk-masters-degree-standard.html
jaclaz
https://blog.isc2.org/isc2_blog/2020/05/cissp-comparable-to-uk-masters-degree-standard.html
Jaclaz, thanks for sharing. The last link clears things up somewhat. As I expected, they are saying that the "standard of learning" equates to the same as what would be expected of you on a Masters programme.
Still, it would be really useful if they could have stated how many credits it is worth! For people who wish to use this wowards a masters qualification, they should be able to "cash in" their CISSP in order to have less modules or units to study in order to complete the qualification.
Without this, it's down to individual admissions assessors to make their own minds up. WSe'll likely see wildly varying weightings, depending on how familiar the individual assessor is with the CISSP cert, and other factors no doubt will impact!
and - obviously - some critiques:
https://securityboulevard.com/2020/05/cissp-is-at-most-equivalent-to-a-2-year-associates-degree/
From the Blog:
This is has an enormous impact on the cybersecurity industry with hordes of “certified” professionals who are none-the-less non-technical, not knowing how things work.
While this is true, I have to say that degree holders also often don't know how things work, the relevant things in particular. That is because they come from a parallel universe, where - in terms of computer forensics - steganography matters, and professors find nothing more exciting than to develop the security concepts behind presumed future technology that does not exist. In a country like Germany, with a drastically fading STEM culture, this comes spiced with a drift towards "ethical and social implications of computer technology". So in the end I am having job interviews with bright-minded young people who were turned into tech ideologists and kept busy working on the security of medical nano robot mesh networks on paper, but don't know how to crack a damn Wi-Fi. Degree or CISSP, both show some commitment to a topic, but you can't rely on either one and have to ask the right questions for the job.