There are a number of different certifications to consider earning when embarking on a career in IT security. Two specific certifications that are often debated are a Certified Ethical Hacker (CEH) vs. a Certified Information Systems Security Professional (CISSP).
If you are interested in pursuing an IT security career but not sure which of these avenues is best for you, read on to compare.
What Can You Do With a CEH or CISSP?
A Certified Ethical Hacker certification allows you to do many of the same things a malicious hacker does while getting paid for it. Organizations hire Certified Ethical Hackers to try hacking into their computer systems. They do this on a legal and legitimate basis to assess the security and vulnerability of the system and expose any security flaws. The organization then uses feedback provided by the CEH to improve their IT security measures.
A CISSP certification is often held by people in the positions of security consultants, managers, architects, analysts, and auditors. These employees help to set up the framework for security controls and risk management and make decisions that are central to an organization’s IT security blueprint.
So a CISSP sets up the security system, and a CEH tries to break that system before telling the CISSP what they need to do better.
How Are the Certifications Earned?
You must have a minimum of two years working in an IT security-related position prior to being accepted into a CEH program. The course then covers 18 modules and 270 attack technologies while mimicking real life hacking scenarios.
At the end of the training period you will be faced with the CEH exam. The exam consists of 125 multiple choice questions which students are allotted four hours to complete.
The CISSP requires five years of work experience in at least two of the following domains: security and risk management, asset security, security engineering, communication and network security, identity and access management, security assessment and testing, security operations, or software development security.
Next comes the CISSP exam, which consists of 250 multiple choice and advanced innovative questions over a six-hour allotment. Unlike the CEH, there is no required training course for the CISSP.
What is the Payoff?
A holder of a CEH certification makes a median salary of nearly $77,000 in the U.S. while additional money can be earned as a consultant.
CISSP carriers earn a median salary ranging from around $92,000 to upwards of $111,000 depending upon their specific job title.
Which is Right For You?
Ultimately, it’s up to you to decide. Earning potential may be slightly higher with a CISSP, but the CEH allows for what most IT professionals would consider more exciting work coupled with fewer demands for certification. Plus, the CEH was recognized as one of the Best Information Security Certifications for 2017.
If you need help, you can undergo a free career evaluation at mycomputercareer.com that can help point you in the right direction.