Blog

A Comprehensive Guide to Getting and Calculating Cybersecurity CPE Credits

Posted by: Rinat Villeval
June 12, 2023
Getting your Trinity Audio player ready...

“Keeping up with my CPE credits is my favorite part of my job.” Said no one. Ever. 

Continuing Professional Education (CPE) credits are a key element in helping cybersecurity professionals keep their hard earned knowledge fresh and to stay up to date with the ever-evolving landscape of threats and technologies. But maintaining them can be somewhat of a challenge for busy professionals. I view my role as Manager of Technical Enablement of XM Cyber Academy as that of someone who helps ease the thorny process, hopefully making it a bit more palatable.

In this blog, I’ll dive into the often-perplexing world of CPE credits. I’ll cover how and where to get them and calculate them effectively. Maintaining CPEs are important for any stage of your career, whether you’re a seasoned cybersecurity expert or just starting out. So the more you understand about their importance and how to obtain them, the better it will be for your professional growth and credibility.

Understanding CPE Credits

So to start, Continuing Professional Education (CPE) credits are a measurement of the professional development activities that cybersecurity practitioners undertake to expand knowledge, skills, and abilities. These credits serve as evidence that you actively engage in educational opportunities to maintain your expertise in the field. 

Sources of CPE Credits

There are LOADS of different ways to earn credits:

  • Credits can be earned by attending courses like Black Hat, RSA, etc. By going to industry conferences, seminars, workshops, and webinars, you can earn CPE credits in a relatively low effort and potentially enjoyable way. Check out this list by SANS that covers a bunch of possible ways to earn CPEs.
  • Participating in cybersecurity training courses, either in-person or online, can offer structured learning opportunities that contribute to your CPE credits. Many cybersecurity organizations and associations offer CPE credits to their members through various activities, including webinars, chapter meetings, and volunteering. If you haven’t already, check out the courses over XM Cyber Academy, as it has various certifications that can be leveraged for CPE credit.
  • If you’re really adventurous, you can try authoring research papers, articles, or books in the cybersecurity domain to get your CPE credits. 
  • And lastly, by sharing your expertise by teaching or mentoring others in the field you can also qualify for CPE credits.

How to Calculate CPE Credits:

You might think calculating the number of credits you’ve earned would be as easy as well, adding them up – but in truth it’s not that simple (Come on, did you really expect it to be that straightforward?) Different activities carry different CPE credit values, and it’s crucial to understand how to calculate and document what you have earned accurately. 

Here are some key factors to consider:

a) Time Allocation: CPE credits are often based on the number of hours spent on an activity. So make sure you keep track of the time you spend actively engaging in educational activities.

b) CPE Credit Guidelines: Each certifying body or organization may have specific guidelines for calculating credits. Get familiar with these guidelines to ensure accurate calculations.

c) CPE Credit Categories: CPE activities are often categorized into domains, such as technical, managerial, or ethical, each with assigned credit values. Keep these categories in mind while recording your credits.

d) Documentation: Keep detailed records of what you’ve done, including event agendas, certificates of completion, or any other supporting documentation. These records will be your friends when submitting your CPE credits for validation. Also make sure to include the number of hours each course was.

Reporting and Validation 

Okay, now you’ve got the credits – but what comes next? Once you have the required credits, you need to report and validate them with the appropriate certifying bodies or organizations. This process ensures that your professional development efforts are recognized and documented properly.

Certifying bodies typically have reporting periods, which can be quarterly, biannually, or annually. After all that hard work and effort, you really don’t want to miss any of those deadlines so get familiar with the reporting timelines. Then follow the specified submission process outlined by the certifying body. This usually involves filling out a CPE reporting form and attaching supporting documentation. Some certifying bodies may randomly select professionals for a CPE audit to verify the reported credits. While no one wants to be “the chosen one”, it could happen to you. To prevent any unnecessary panic, ensure to maintain accurate records of your activities to facilitate the validation process.

“Learn continually. There’s always one more thing to learn.” 

Now this quote really does have a source and it’s Steve Jobs. As humans, we are always striving to push ourselves and excel – and learn one more thing. I often find myself looking for new things to learn, like podcasts and online courses – and this is why I enjoy helping professionals continue to reach their goals. I hope the various sources I mentioned here and the tips to calculate credits accurately help you in your pursuit of maintaining your professional growth.


Rinat Villeval

Rinat is a natural problem-solving people-person, as well as an avid cybersecurity enthusiast. She holds a BSc in Communication Systems, and to top it all off, she is also a mom of three.

Find and fix the exposures that put your critical assets at risk with ultra-efficient remediation.

See what attackers see, so you can stop them from doing what attackers do.