Add to collection(s) Add to saved
  1. Arts & Humanities
  2. Philosophy
  3. Ethics

Reasons to Become CISSP Certified

advertisement 
Reasons to Become
CISSP Certified
Keith A. Watson, CISSP
CERIAS
Overview
 Certification review
 Organizational needs
 Individual needs
• Get paid more!
• See the world!
 CISSP requirements
 Common Body of Knowledge Areas
 Study Suggestions
2
Certification Review
 Multiple types of certification available:
• Professional
• Vendor
• Technical
 Each type provides a different focus
 The one right for you depends on:
• Your career objectives
• Your time available to seek certification
• Your (or your employer’s) budget
3
Commonalities in
Certification Programs
 Understand a common body of knowledge
 Previous education and/or work experience
 Demonstrate a level of understanding
 Certification time period
 Re-certification procedures
 Reinstatement
 Dues, Fees, or Memberships
4
Professional Certification
 Body of Knowledge encompasses the majority of
the field
 Managed by a non-profit organization
 Exam requires NDA
 Requires commitment to code of ethics
 Requires endorsement and may involve an audit
 Examples:
• (ISC)2 CISSP
• ISACA CISA and CISM
5
Organizational Needs
 Risk Management
• Regulatory requirements (GLBA, HIPAA, SOX, FERPA,
FISMA, DoD Directive 8570.1, etc)
• Insurance requirements
• Evolving and emerging security threats require staff
with new skills and knowledge
 Human Resources
• Independent evaluation of knowledge and skills
• Measurable level of knowledge
• Defined skill set
• Makes resume searching easier
6
More Organizational Needs
 Organizational Marketing
• Better visibility to customers that need
security expertise and services
• Easier to sell services with certified employees
• Customers may not know the acronyms, but
they always seem impressed by them
 Quality Employees
• Generalists (breadth of knowledge)
• Specialists (depth of knowledge)
7
Individual Needs:
Get Paid More!
 Surveys by professional organizations and
market research firms indicated certified
employees earn more (IDC, SANS)
• CISSP median income: $95,155 (SANS)
• Salary increases outpacing other IT fields (IDC)
 Internally, your certification may lead to a
promotion or raise, your mileage may vary
8
Individual Needs:
See the World!
 Great demand for certified individuals
around the world and in most industries
 More job postings include requirements
for (or desire to obtain) certification
 Because information security is
important throughout an organization,
your job may evolve
9
Disadvantages
 Significant costs are involved
• CISSP: $500 (exam) $85 (yearly dues)
• Professional training courses > $1500
 Time involved to prepare for exams
• CISSP: I studied 2 hours/day for 4 months
• Professional training courses 5 days or longer
 May not be seen as beneficial to current
employer or management
10
CISSP Requirements
 Commit to Code of Ethics
 Have required work experience (as of 1 Oct)
• five years relevant security work -- OR -• four years work + college degree
 Pass the Examination
• 250 multiple choice questions; Six hours
 Continuing Professional Education
• 120 credits per three year certification period
 Pay yearly maintenance fee
11
CISSP CBK Areas
 Access Control Systems and
Methodology
 Application and Systems Development
Security
 Business Continuity Planning and
Disaster Recovery Planning
 Cryptography
 Law, Investigation, and Ethics
12
More CISSP CBK Areas
 Operations Security
 Physical Security
 Security Architecture
 Security Management Practices
 Telecommunications and Networking
Security
13
Study Methods
 Professional training
• Focused, expensive, time-consuming
 Self study
• Read, read, read
• Find and use collection of sample questions
 Group study
• Find a group of people that will take the test
about the same time
• Set an agenda; keep to a schedule
14
Keith’s Suggestions for
Preparing for the Exam
 Sign up for the test today!
• A deadline is a great motivator for study
• Schedule it out no more than 6 months, if possible
 Collect your study materials
• Build a library of documents in the subject areas
 Set time aside every day for study
• Avoid taking too much time off between study
 Group study can be helpful for some
 Find a CISSP to help mentor
15
In summary...
 Certification will require significant effort
on your part to master the subject areas
 Certification can be very beneficial to
your career
 Your certification can be beneficial to
your employer too
16
References
 IDC, 2006 Information Security Workforce Study,
October 2006.
 SANS, The SANS 2005 Information Security Salary
& Career Advancement Survey, January 2006.
 Ronald L. Krutz, Russell D. Vines, The CISSP Prep
Guide: Gold Edition, Wiley, October 2002.
 Harold F. Tipton, Kevin Henry, Official (ISC)2
Guide to the CISSP CBK, Auerbach, November
2006.
17
Related documents
Summary guide about CISSP certification
Summary guide about CISSP certification
By: Peter Gregory and Bruce Lobree
By: Peter Gregory and Bruce Lobree
CISSP Certified Information Systems Security Professional August 20-24, 2012
CISSP Certified Information Systems Security Professional August 20-24, 2012
Clay Ramsey, MBA, CISSP 2305 Timbercreek Circle Plano, Texas
Clay Ramsey, MBA, CISSP 2305 Timbercreek Circle Plano, Texas
PRESS RELEASE: McCoy Bolt Works, Inc. announced the receipt of
PRESS RELEASE: McCoy Bolt Works, Inc. announced the receipt of
Fire hazard properties certification form
Fire hazard properties certification form
Example: Data Mining for the NBA - The University of Texas at Dallas
Example: Data Mining for the NBA - The University of Texas at Dallas
CISSP Exam Outline-121417- Final
CISSP Exam Outline-121417- Final
CISSP-Exam-Outline-English-April-2021
CISSP-Exam-Outline-English-April-2021
Introduction to the CISSP Exam
Introduction to the CISSP Exam
CISSP Exam Outline-English-RB
CISSP Exam Outline-English-RB
0789749599
0789749599
CISSP Prep Guide
CISSP Prep Guide
Download
advertisement