Steve Young - Fotolia

CPE for CISSP: Top 10 ways to master continuing education

Who says you can't have fun while earning CPE credits to maintain your CISSP certification? Check out the top 10 creative ways to meet CISSP continuing education requirements.

It sounds odd, but if you think creatively, there are some cool ways to meet your Certified Information Security Systems Professional requirements.

To maintain the CISSP certification, you must earn 40 continuing professional education (CPE) credits annually, and 120 credits over a three-year period. Then again, you could always forget those CPE for CISSP requirements and take the exam again, but who really wants to sit for another six-hour CISSP exam? So let's get inspired and explore interesting ways to maintain your (ISC)2 credential.

You can go the traditional route for CISSP continuing education and attend conferences, such as Black Hat and RSA; subscribe to industry recognized periodicals, like Information Security magazine; or attend top-notch classroom-based training from the SANS Institute, or educational programs such as (ISC)2's own Security Congress events, where you can earn up to 28 CPEs with an All-Access Pass, plus an additional two for attending the Town Hall meeting at the conference.

All of these are credible and recommended ways to keep abreast of industry trends and best practices in the CISSP Common Body of Knowledge domains -- updated in April 2018 -- but there are more creative ways to earn CPE for CISSP credits.

Qualifying CPE activities

Before we begin, let's cover the basics. If you visit the (ISC)2 website, you'll find a list of qualifying CISSP continuing education activities that include, but are not limited to:

  • attending educational courses or seminars;
  • attending security conferences;
  • being an active member of an association chapter;
  • listening to vendor presentations;
  • completing university/college courses;
  • providing security training;
  • publishing security articles or books;
  • serving on industry boards;
  • self-study; and
  • volunteer work, including (ISC)² volunteer committees.

This leaves the game of CPE for CISSP open to your interpretation, and that is exactly what (ISC)2 intended. According to Marc Thompson, the executive vice president of ITPG, "The whole point is to give you the freedom to choose your own destiny. After all, it is your education."

Top 10 creative ways to earn CPEs 

Here are 10 creative ways to meet CISSP CPE requirements, in no particular order.

  1. Learn while being entertained. Books like The Mezonic Agenda: Hacking the Presidency, which was described as scarily realistic when it was first published in 2004, hold true today. Part of the Syngress Cyber-Fiction Series, a fully interactive game is embedded in the storyline. More recently, Matthew Mather, a cybersecurity expert with an AI background, successfully transitioned to science fiction, writing techno-thrillers, CyberStorm and Darknet.
  2. Volunteer at a local elementary or high school. You never know, tech-savvy students may just teach you a thing or two about computer security.
  3. Join a local users group. If you can't find one, check out Information Security Meetup groups. No groups in your area? Start one! Every hour spent in meetings is applicable to your CPE for CISSP requirements -- you can earn more credits for your CPE hours if you are a board member -- and the local networking opportunities may help your career.
  4. Basket weaving 101. OK, it's not quite that easy, but 40 of your 120 CPEs can be professional development courses not related in any way to IT security. Let your mind go wild on this one.
  5. Tired of traveling? Have the CPEs come to you. Invite a security vendor to make a presentation at your company.
  6. Get your MBA. Sure, they're a dime a dozen, but it never hurts the resume. Why not have your studies do double duty? All college courses meet the CPE for CISSP requirements.
  7. Attend a local security event. Check for seminars in your area and earn CPE credits for attendance.
  8. View an (ISC)2 Webinar. (ISC)2 host webinars weekly on a variety of topics delivered by security experts surrounding today’s most pressing security challenges.
  9. Help Develop (ISC)2 Certification Exams. Members earn one CPE credit for every hour worked at an examination development workshop typically amounting to 21 CPEs per workshop.

As for No. 10, if you wrote this article, you would have earned 10 more CPEs!

The CISSP certification has an $85 annual maintenance fee, $255 for the three-year period. CISSPs are expected to adhere to the (ISC)2 code of ethics, which is covered in the CISSP exam, and to understand core concepts of security and risk management. Learn more about CISSP continuing education and (ISC)2's enhanced CPE submission program here.

CISSP® is a registered certification mark of (ISC)².

Editor's note: This article was originally published in June 2005 and has been updated. 

Next Steps

Best cloud security certifications for IT pros

Dig Deeper on Careers and certifications

Enterprise Desktop
Cloud Computing