Certified Information Security Manager, or CISM, is a certification for advanced IT professionals who want to demonstrate that they can develop and manage an infosec program at the enterprise level. It's offered by ISACA, a nonprofit professional association focused on IT governance, and focuses on four core areas:
Information security management
Information risk management and compliance
Information security program development and management
Information security incident management
If you're interested in making business decisions about cybersecurity and working with — or maybe joining — your organization's leadership, the computer engineering career is worth pursuing.
What's the difference between CISM and CISSP, one of the other most popular advanced cybersecurity certs? Both CISM and CISSP require infosec technical savvy, but CISM specifically requires that you show that you understand the incentives around information security from a business point of view, rather than just a technical standpoint. It is strongly oriented towards managers and those who aspire to be promoted to management. A CISSP certification, by contrast, demonstrates in-depth technical knowledge over a broad list of security domains, though it involves some managerial responsibilities as well.