Earning CPEs for Your CISSP (and other Security Certifications)

One of my co-workers recently earned his CISSP (Congratulations, Arnold!). I wanted to share with him some of the ways I’ve earned CPE (Continuing Professional Education) credits. I figured others could benefit as well so I decided to write this to share.

There are a variety of ways to earn credits so you should be able to find what works best for you. Many are completely free of charge while others can be pricey. It just depends on your budget and your schedule.

As of this writing ISC2 requires 120 CPE credit hours over the course of 3 years (40 hours per year). That’s in addition to your Annual Maintenance Fee (AMF) of $85(US). You can read the official guidelines here: Maintaining Your Credential

One important thing to keep in mind is that CPEs are self reported. To be credentialed, you’ve agreed to fully support and commit to upholding the Code of Ethics. Only report credits you’ve actually earned. I keep a spreadsheet with notes on each credit entered as evidence (PDFs, Links, Agendas, Summary, etc.) in the event of an audit.


Conferences can be the fastest way to rack up a lot of credit. In the course of a single week you can earn 30 or more hours of credit. However, this requires spending focused time in attending the conference. While this is a great way to enhance your skills and earn credits, it can also be the most expensive. Many conferences can cost $2000 or more just for registration, not including travel expenses and time away from work. Be sure to look for smaller local/regional one-day conferences in your area.

Some of my favorites (in alphabetical order)


Security podcasts are the easiest way to earn credit. You can fit them into your schedule wherever it’s best for you and listen during your “down time” without interrupting your other obligations. And one of the best parts is they’re free! Because most podcasts are published on regular schedule you can keep up on all the latest news and emerging threats. One potential downside of podcasts is that some can be short so it may take more than one episode to earn each hour of credit.

Some of my favorites:


Another great way to earn credits are through online webinars. Similar to podcasts, but in many cases you can “attend” live during a presentation. For live presentations you’ll have to fit them into your schedule, but many sources offer a catalog of previous events that you can stream on demand. An additional benefit is that many organizers will automatically credit the CPEs to your ISC2 profile by providing your credential number when you register.

Some of my favorites:

Books, Magazines, and Whitepapers

Great for airplane rides. Subscribe to some security magazines. Search the web for whitepapers on topics that interest you. Get some digital copies downloaded to your favorite reader to have on hand when you’re disconnected from everything else.

Some of my favorites:

These are just a few. If you have tips for earning CPEs please share in the comments.