What would you rather have MBA or CISSP? Why?

People & LeadershipStrategy & Architecture

MBA / Master's Degree71%

CISSP / Comparable Certification28%

868 PARTICIPANTS
10k viewscircle icon1 Upvotecircle icon21 Comments
Sort by:
Manager of Digital Security and Infrastructure in Energy and Utilitiesa year ago

I think an interesting follow-up would be: Whom would you rather hire as an ISM (for example), an MBA for a CISSP.

I can honestly think of few cases where I'd prefer the MBA over the CISSP, to the point that, for any leadership position in my orgs, a CISSP (or equivalent) is required; an MBA is not.

CISO/CPO & Adjunct Law Professor in Finance (non-banking)a year ago

It depends upon your goals.

There are tailored/customized MBAs that fail to convey the full scope of what an MBA graduate is generally expected to know. There are also memorization mills that pack CISSP candidates with enough information to pass the certification. 

The CISSP is supposed to evaluate the level of knowledge while an MBA is supposed to teach the business principles and processes to manage organizations.   There are job posting which ask for a certification or advanced degree but that conflates the purposes of the two items. If we think of each item as a tool, then we can look at the potential use cases. An MBA isn’t sought after for penetration testing nor is a CISSP requested to run a finance division.

Lightbulb on1
Chief Technology Officer in Services (non-Government)a year ago

I completed my MBA last year (2023).  Having done technical certifications for 20 years it seemed like a natural evolution to that.  While the investment is much higher than technical certification it has a lot more longevity IMHO.  If you're curious and want to study a broad range of topics I would highly recommend it.  Once completed i've gone back to technical certification as I think they can sit hand in hand and I'm always keen to learn, especially when the tech world moves so fast. 

Director of IT in Education2 years ago

Professional certification is better than PG programs

CIO in Energy and Utilities2 years ago

If your are planning to specialise in cybersecurity and only cybersecurity then may be CISSP is a good option. If you are planning for breadth on multiple domain then MBA is a better choice.

Content you might like

What are the biggest technical challenges preventing organizations from being able to use their existing data to enable digital transformation?

Finding data and putting it to good use13%

Controlling the security and privacy of data45%

Understanding how data is currently being used20%

All of the above19%

None of the above1%

View Results

As technology leaders, where are you seeing the most challenges or gaps?

Executive Support10%

Projects vs. Operations68%

Building a culture of Security15%

Team Completeness5%

View Results

If you could change one thing about how your organization initially implemented its hybrid work structure, what would it be?

Read More Comments

Considering the current economic climate and organizational priorities, how likely is it that your organization will increase, decrease, or maintain its cybersecurity budget this year?

Read More Comments

Does someone have advice on how they have balanced the risk/reward as it relates to introducing Open-Source Software to organization? My org is dipping its toe into the OSS world and the architecture and risk governance teams are looking to get ahead of these requests by coming up with policies and standards for OSS technology being brought into our environment. To clarify, this is not for software development and CI/CD pipelines, SDLC etc. This is for installing solutions that already exist out there (Zabbix, GreyLog, Prometheus etc.) into the organization's environment. We are looking to provide a balance on the obvious risk with the ability to move fast (like everyone else now).

What would you rather have MBA or CISSP? Why? | Gartner Peer Community