There is more than one path to get certified, and several myths around which form of training is the right one – official or unofficial. In this article, we explain the reasons why you should go for official (ISC)² training.
Official training should be the obvious choice – after all, it comes straight from the source. Despite this, many professionals still choose unofficial training - be it for convenience or seemingly cheaper prices.
That’s not to say all unofficial training is bad, but it’s certainly difficult to get the same guarantees that you’d get with an official training provider. That’s why it’s so important to make sure you’re fully informed with what options are available before making your decision.
This is particularly important in the world of cyber security. In an industry that’s constantly evolving, it’s crucial that your cyber security knowledge and training is up-to-date so you can protect your business from increasingly sophisticated cyber-attacks.
As the largest international non-profit association for information security, (ISC)² is known for their cyber security certifications. The organisation takes pride in making sure their authorised providers are equipped with the relevant resources and maintain a high standard of training.
(ISC)² has conducted extensive research on myths and facts around unofficial and official training. We’ve condensed and added to the research, creating an expanded list of reasons for choosing official (ISC)² training.
1. Official training providers can offer (ISC)² exam vouchers
(ISC)² and official training providers are able to offer the official exam vouchers whereas unofficial providers cannot.
Plus, for businesses, (ISC)² offer a Voucher Program which gives you the opportunity to purchase seats for Official (ISC)² CBK Training Seminars and exams in bulk.
Unofficial training providers may state they include the exam voucher, in order to portray themselves as substantially cheaper than official (ISC)² training. This is false advertising and, according to (ISC)² "is neither true nor ethical”.
Although official training can be more expensive, you’ll know that you won’t have to spend any extra cash – you'll pay it all upfront. Unofficial training providers offer a price which excludes the cost of the exam.
And (ISC)² exams aren’t inexpensive. They vary from £199 for the SSCP and up-to £560 for the top-level CISSP exam. For more details on exam pricing, read (ISC)²’s official exam price list.
As a side note, it is important to know that you should never provide Pearson VUE credentials to an unauthorised organisation. You will risk you losing your (ISC)² certification as it violates the terms of the (ISC)² Non-Disclosure Agreement.
2. Get access to the most up-to-date resources
The content for (ISC)² certifications are regularly updated as it adapts to the rapidly changing cyber security landscape. This means that training must change often; only official providers get immediate access to the most recent version.
Up-to-date training techniques and course material are fundamental to you succeeding in your (ISC)² exam - without these, you’re putting your grade at risk and potentially wasting your time.
You can expect unofficial trainers to be cyber security experts too, but according to (ISC)², “it’s not guaranteed that unofficial training providers are teaching the latest domains covered in the exam”.
Official training, on the other hand, follows the updates of the (ISC)² Common Body of Knowledge (CBK) and courseware.
It’s just not worth risking your time and money on learning outdated curriculum which won’t be assessed in the exam.
3. You get taught by certified instructorsOfficial training means your instructors have been approved and trained by (ISC)² themselves. Choosing unofficial training means you’re putting your certification at risk of learning from someone who is not vetted from (ISC)².
Official (ISC)² training is not solely focused on trying to make sure you pass your exam. As a leading cyber security organisation, (ISC)² and their training providers take pride in moulding future leading cyber security professionals. As a result, you’ll be trained by motivated and talented professionals that excel at teaching what they love.
By choosing official (ISC)² training and learning from certified instructors, you’re not only giving yourself every opportunity to pass your (ISC)² exam and earn your certification, you’re also investing in your cyber security career.
4. You get access to revision toolsEven with the best instructors, it’s important to make sure you have all the revision tools you need to achieve your (ISC)² certification.
Official (ISC)² training providers offer multiple practice papers for you to prepare for your exam. They also offer alternative revision tools like the Official (ISC)² Student Guide and interactive flash cards.
Unofficial training providers do not have access to these resources. Combined with studying outdated curriculum, the loss of access to revision tools will could mean the difference between a pass or a fail.
How to choose official (ISC)² trainingHaving contrasted the value of official vs. unofficial training, we hope you now have a better picture of what to expect when deciding which (ISC)² certification course.
Unofficial courses can sometimes be cheaper and more convenient, so if you are in a hurry or really short in budget, it might be the right choice for your circumstances. However, unofficial sources would be hard-pressed to offer the same degree of reliability and quality assurance that an official certification course can offer.
On the other hand, official courses tend to have higher costs and stricter entry requirements, not to mention more competitive (and sometimes limited) placement. No matter which official provider you choose, taking an official track is an investment of more than just money - and you should be ready for a challenging, yet rewarding, experience.
In the end, it's up to you to decide what is more important for your company or career.
Firebrand is an official (ISC)² training provider, providing accelerated certification training courses. For a list of all official providers, visit (ISC)²'s authorised training providers webpage.