Onward to the CISSP
Well, there’s no turning back now! I finally scheduled my CISSP exam.
That’s not to say I can’t reschedule, but I’m going to pretend that’s not an option so I don’t deviate from my study plan. When I study for an exam I tend to go to all out, so I’ll be reading (or re-reading in some cases) the Shon Harris All-in-One Exam Guide, the official ISC^2 guide, and the Krutz & Vines CISSP Prep Guide. And I’ll be spending many hours running through the practice questions on CCCure.org.
I have been following a number of discussions in the blogosphere and the SCC regarding the value of the CISSP certification. While this has been debated by far more experienced security professionals than I can claim to be, I’ll explain why I am continuing down the CISSP path.
The CISSP certification has been described as “an inch deep and a mile wide.” This is meant to indicate that there is a vast breadth of material covered, but not much of it is explored beyond the basics of that topic area. This implies that a CISSP is not expected to be an expert on any of the 10 domains of the CBK, but rather has a sufficient level of all-around security knowledge.
I see the CISSP as sort of a minimum requirement for most security professionals. It’s not going to impress many people in the field that you have it, but if you don’t, you’d better be prepared to demonstrate why you didn’t need it.
The CISSP is not a Ph.D. It’s not even an M.S. It’s a certification that demonstrates you were able to survive the somewhat arduous exam and meet the experience requirements. It’s likely to get you a pass into the “good pile” in an HR resume selection process, and it can be a marketing tool for a consultant to assert their expertise. It may also give you a bit of a salary increase in your current position.
But let’s be honest; becoming a CISSP is not the culmination of your career. Either you are going to continue learning and growing as a security professional, or you are not. The CISSP shouldn’t be seen as a high water mark; it’s more of a checkpoint along the way.
If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.
Now that you’re using it in your BLOG title does that mean you’ve got your results and you passed?