Spotlight of the month
Should you become a CISSP?
redtoo Information Security expert Yannick Thebault recently obtained the “Certified Information Systems Security Professional” (CISSP) diploma. In this month’s Spotlight, he talks about his experience and whether other IT security experts should become CISSPs or not.
“CISSP is the acronym for ‘Certified Information Systems Security Professional’, which actually most of the certified people don’t remember, but that’s a different story. A while ago, I decided to take on the exam, which consists of 250 multiple-choice questions during a six-hour session. First, I looked into different options to prepare myself and ended up reading different training materials and books. From my experience, the only resource I can recommend is the ‘CISSP All-in-one Exam Guide’, currently available in its 6th edition. I think it’s the only book which is consistent from beginning to end and somewhat comprehensive enough to cover all of the ten CISSP domains.
Back to my initial question: why should you become a CISSP at all? There are plenty of different certifications in Information Security, but only a few are well-known. Sadly, these days, certifications are big business and there’s a lot of marketing around them. However, with any certification your primary goal is to provide evidence of your expertise, either towards your customers or your employer. Thus, I would recommend aiming for a certification from one of the well-known institutions like ISC2, ISACA or GIAC. Ask yourself the following questions:
- Am I serious about working in the Information Security field?
- Can I spend 50 – 100 hours preparing myself in the next 6 months?
- Do my customers or employer understand what this certification is about?
- Do I have at least five years of solid experience in an IT position?
If you can answer the above questions positively, you may consider taking the CISSP exam. Finally, you have to keep in mind that once certified you need to provide evidence of your continuous learning efforts to keep your status, roughly about 40 hours a year.”