CISSP, SSCP and CISSP-ISSMP among recognised certifications for learning and development pathways in cybersecurity

Clearwater, FL, October 1, 2020ISC2 – the world’s largest nonprofit association of certified cybersecurity professionals – today announced that ISC2 certifications have been recognised as relevant certifications for Incident Responders by the Australian Signals Directorate (ASD), the Australian Government agency that manages cybersecurity at a national level, as included in the publication of the second edition of the ASD Cyber Skills Framework.

The ASD Cyber Skills Framework is an iterative framework designed to be used to assess, maintain and monitor the skills, knowledge and attributes of the cybersecurity workforce employed by the Australian Government. The framework has been further designed to support the needs of public and private sector organisations across Australia, enabling targeted recruitment of cyber specialists, providing a development pathway for current and future cyber staff and aligning skills, knowledge and attributes with national and international industry standards.

The ASD Cyber Skills Framework is analogous to the NICE (National Initiative for Cybersecurity Education) Framework established by the U.S. Government’s NIST (National Institute for Standards and Technology). A differentiator to NICE, however, is that the Framework adds competency criteria to align with Australian Public Service (APS) seniority levels.

The Framework defines nine distinct cyber roles (Cyber Threat analyst, Intrusion analyst, Malware analyst, Incident Responder, Operations Coordinator, Penetration Tester, Vulnerability Assessor, Cyber Security Advice and Assessment and Vulnerability Researcher) and details capabilities, skills and proficiency levels, digital career pathways, and recommended learning and development pathways for each role.

The Learning and Development Pathway section of the Framework illustrates cyber practitioners’ development of their professional and technical expertise, using the Incident Responder role as an example. In recognizing six distinct proficiency levels for the role, each with corresponding related certifications that are suggested as indicators of proficiency for professionals at that level, ISC2’s SSCP certification is suggested for Level 3 Practitioners, while the CISSP and ISSMP (which is a concentration in the management aspect of security leadership) is suggested for Level 5 Principal Practitioners.

“What the ASD Cyber Skills Framework clearly outlines is a distinction that we consistently make about our certifications, and that is that different roles require different knowledge bases, and not every certification is meant for all cybersecurity professionals,” said Dr. Casey Marks, chief product officer and vice president, ISC2. “Our certifications are indicators of proficiency for different areas of concentration, and these kinds of frameworks can be a helpful guide for hiring organizations that are trying to determine which candidates have the necessary skills for the specific roles they are trying to fill.”

In addition to the recommendations listed in the ASD Cyber Skills Framework, the Framework further advises organisations that the nine defined cyber roles in the Framework are directly equivalent to nine defined roles contained within the NICE framework. The NICE validated and endorsed set of skills mappings between NICE roles and ISC2 certifications is currently being updated by NICE. More information is available via the NICE website.

The full ASD Cyber Skills Framework v2.0 can be downloaded at

About ISC2

ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our more than 600,000 members, candidates and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills and abilities at every stage of their careers. ISC2 strengthens the influence, diversity and vitality of the cybersecurity profession through advocacy, expertise and workforce empowerment that accelerates cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educate those most vulnerable. Learn more and get involved at Connect with us on X, Facebook and LinkedIn.

© 2020 ISC2 Inc., ISC2, CISSP, SSCP, CCSP, CGRC, CSSLP, HCISPP, ISSAP, ISSEP, ISSMP and CBK are registered marks, and CC is a service mark of ISC2, Inc.

Media Contact:
Amanda Steinman
Senior PR Manager