I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP.
Sort by:
In my limited experience as a CISO for 10 years I've never been asked about or heard of any CISO job being impacted by the certified CISO credential. What I have seen and experienced is the requirement for soft skills - as others have stated. Technical people tend to get more certs and expect that their hard work will pay off. Unfortunately, business people don't care about certs beyond the gold standards (like your CISSP).
My recommendation is to take classes on presenting and negotiations. Live classes. It is difficult to learn to be a great presenter just by talking to a screen. Job interviews are presentations that shift to negotiations when talking compensation. Additionally, once in the job, your mission is to ensure sufficient resources are allocated to protecting the company – by presenting and negotiating with other areas since organizations always have resource constraints
There are a few out there but honestly not worth it IMO. Instead having great mentors is the way to go.
Why do you think you need a certification as a CISO?
If you're looking to learn more about CISO training, there are free online resources available. Alternatively, if you prefer a more immersive experience with hands-on sessions and fieldwork, consider university-offered programs. Top institutions like NYU Tandon and Carnegie Mellon offer specialized programs in this field. I've personally benefited from one such program at NYU.
https://cynomi.com/academy/tools/
https://secure-anchor.com/consulting/
https://fractionalciso.com/how-to-become-a-virtual-ciso/
A CISO’s job is often about justifying budgets. Understanding how to read a balance sheet or calculate ROI on a security spend is what will set you apart from other technical candidates.
Check this link for comparison: https://destcert.com/resources/cissp-vs-cciso/
CCISO: executive leadership, financial acumen, and strategic governance
Add-on certifications:
CISM: Best complement to CISSP; emphasizes security management and governance.
CRISC: Strengthens enterprise risk management skills.
SANS GSLC/GSTRT: Optional high-level leadership and strategy training.