How do cybersecurity certification renewals work?

Cybersecurity certification renewal is an ongoing commitment that professionals need to plan for financially and time-wise. CompTIA certifications (Security+, CySA+, PenTest+, CASP+) renew every 3 years. You can renew by earning 50 Continuing Education (CE) credits through training, conferences, publishing, or earning a higher CompTIA certification. The annual fee is $50 per certification as of April 2026.

ISC2 certifications (CISSP, CCSP) require 40 Continuing Professional Education (CPE) credits per year (120 over the 3-year cycle) and an Annual Maintenance Fee (AMF) of $125 per year for CISSP holders. ISC2 Associate members pay $50 per year. CPE credits can be earned through training courses, conferences, volunteer work, and publishing cybersecurity content.

ISACA certifications (CISM, CISA) require 20 CPE hours annually (120 over 3 years) and an annual maintenance fee of $45 for ISACA members or $85 for non-members as of April 2026. EC-Council's CEH requires 120 ECE credits over 3 years plus an $80 annual membership fee.

Notable exceptions: OffSec's OSCP does not expire and requires no renewal. This makes OSCP a one-time investment, though OffSec does update the exam content periodically. GIAC certifications from SANS require 36 CPE credits over 4 years plus a $469 renewal fee. DecipherU's certification guides include renewal cost projections so you can factor ongoing maintenance into your certification investment decisions.