The only cybersecurity certification program engineered for the physical-cyber realities of commercial buildings, and the building technology specialists who protect them. OT/BAS systems, Yardi, network segmentation, and the threat actors targeting your portfolio.
Whether you're an IT administrator managing a building portfolio, a building technology specialist working with BAS and OT systems, or a CISO reporting to the board, there's a credential designed for your exact level.
Train your team, certify your buildings, and demonstrate security posture to investors, tenants, and insurance carriers, with a program built specifically for CRE portfolios of every size.
From awareness to executive leadership, every credential is anchored in commercial real estate's specific threat landscape, platforms, and physical-cyber environment.
Every domain was built from real commercial real estate incidents, platforms, and operational environments, not adapted from a generic IT curriculum.
CRE cybersecurity practitioners with industry-specific credentials consistently out-earn their uncertified peers, and carry measurably more influence with boards, insurers, and tenants.
Advisory Board Member pricing locks in your CCP-CRE at 30% off, for life. The cohort closes at 50 organizations.
Join the Advisory Board →General-purpose credentials give you the foundation. CRE Cybersecurity Institute gives you the specialization that matters when a building's BAS network gets compromised at 2 a.m.
| Feature | CCP-CRE CRE Cybersecurity Institute$500 |
ISACA CISM$575–$760 | ISC2 CISSP$749 | CompTIA Sec+$392 |
|---|---|---|---|---|
| CRE-Specific Coverage | ||||
| CRE-specific curriculum | ✓ Full | — | — | — |
| OT / Building Automation (BACnet, Modbus) | ✓ Deep | — | ◐ Basic | — |
| Physical access control & CCTV security | ✓ | — | — | — |
| Yardi / Genea / PropTech application security | ✓ | — | — | — |
| Tenant network isolation & VLAN strategy | ✓ | — | ◐ Partial | ◐ Partial |
| Exam & Certification Structure | ||||
| Practical lab component | ✓ Included | — | — | — |
| Experience required | 1 yr + CRA-RE | 5 years | 5 years | None |
| Biannual renewal CPE burden | 12 CPE / 2 yr | 20 CPE / yr | 120 CPE / 3 yr | 50 CE / 3 yr |
| Passing score transparency | ✓ 80% fixed | ◐ Scaled | ◐ Scaled | ◐ Scaled |
| Organizational Value | ||||
| Building-level certification program | ✓ Bronze → Platinum | — | — | — |
| Cyber insurance underwriting integration | ✓ In development | — | — | — |
| Advisory Board program (30% charter pricing) | ✓ 50 spots | — | — | — |
◐ Partial = topic is touched but not covered with CRE operational depth. General certifications are excellent broad foundations, CRE Cybersecurity Institute is a specialization layer, not a replacement. CISM/CISSP holders bring valuable experience and are recognized as a bonus at higher tiers. Pricing based on publicly available member/non-member rates as of Q1 2026.
Already hold CISM or CISSP? That experience carries real weight at the CCPR-CRE level and above. No certification prerequisite is required, but your existing credential and knowledge base will give you a strong head start on the curriculum.
Explore Pathways →The CRE Cybersecurity Institute curriculum, exam blueprints, and building certification frameworks are developed and reviewed by active practitioners across the commercial real estate security ecosystem.
Advisory Board membership is invitation only. We are assembling a board of CRE cybersecurity practitioners and organizational leaders. Members receive charter pricing, recognition on program materials, and direct input into the credential roadmap.
From a single property manager to a 200-person portfolio team, enterprise programs include exam vouchers, study access, cohort scheduling, and progress reporting.
"We certified our entire IT and facilities team across two cohorts. The OT/BAS domain content was genuinely new knowledge for people who had been working with building systems for years, that's rare in any certification program."
— VP of Property Technology, West Coast Office REIT"I've held CISSP for years. CCP-CRE covered things I'd never seen addressed, BACnet security, Yardi access control, vendor RDP exposure on CCTV systems. Genuinely different from any certification I've taken."
"We used the Bronze-B assessment as our first structured security gap analysis. The remediation roadmap was immediately actionable, and our cyber insurer requested a copy of the report."
"The CCTV workstation compromise case study was basically our incident from last year. If our facilities team had read this CBK, that attack probably wouldn't have succeeded. That's the test of a curriculum."
CRA-RE requires 1 or more years in IT, OT, cybersecurity, or an adjacent field. CCP-CRE requires 2 to 3 years. CCPR-CRE requires 3 to 5 years. CSL-CRE requires 10 or more years of cybersecurity leadership experience. No prior certification is required at any level. Holding a CompTIA, CISM, or similar credential is a bonus but never a requirement.
CISM holders bring strong foundational knowledge that maps well to CCPR-CRE content. There is no certification prerequisite at any level, only experience. If you have the years on the ground and want to go straight to CCPR-CRE, the experience requirement is what matters. We recommend reviewing the CCP-CRE CBK regardless as CCPR-CRE tests OT/BAS and CRE-specific content not covered by the CISM curriculum.
ISACA and CompTIA offer general-purpose credentials applicable across all industries. CRE Cybersecurity Institute is purpose-built for commercial real estate, covering BACnet, Yardi, physical access control, OT/BAS network architecture, and the specific threat actors targeting CRE portfolios. We see CRE Cybersecurity Institute as a specialization, not a replacement for CISM or Security+.
Advisory Board membership is invitation only. The first 50 organizations accepted receive 30% lifetime charter pricing, early access to every new credential, recognition on the Advisory Board Wall, and direct input into the program roadmap.