Reasons to Become CISSP Certified Keith A. Watson, CISSP CERIAS

Mar 31, 2015


Angel Ramm

Reasons to Become CISSP Certified

Keith A. Watson, CISSP
CERIAS


Overview

Certification review

Organizational needs

Individual needs
• Get paid more!
• See the world!

CISSP requirements

Common Body of Knowledge Areas

Study Suggestions


Certification Review

Multiple types of certification available:
• Professional
• Vendor
• Technical

Each type provides a different focus

The one right for you depends on:
• Your career objectives
• Your time available to seek certification
• Your (or your employer’s) budget


Commonalities in Certification Programs

Understand a common body of knowledge

Previous education and/or work experience

Demonstrate a level of understanding

Certification time period

Re-certification procedures

Reinstatement

Dues, Fees, or Memberships


Professional Certification

Body of Knowledge encompasses the majority of the field

Managed by a non-profit organization

Exam requires NDA

Requires commitment to code of ethics

Requires endorsement and may involve an audit

Examples:
• (ISC)² CISSP
• ISACA CISA and CISM


Organizational Needs

Risk Management
• Regulatory requirements (GLBA, HIPAA, SOX, FERPA, FISMA, DoD Directive 8570.1, etc.)
• Insurance requirements
• Evolving and emerging security threats require staff with new skills and knowledge

Human Resources
• Independent evaluation of knowledge and skills
• Measurable level of knowledge
• Defined skill set
• Makes resume searching easier


More Organizational Needs

Organizational Marketing
• Better visibility to customers that need security expertise and services
• Easier to sell services with certified employees
• Customers may not know the acronyms, but they always seem impressed by them

Quality Employees
• Generalists (breadth of knowledge)
• Specialists (depth of knowledge)


Individual Needs: Get Paid More!

Surveys by professional organizations and market research firms indicated certified employees earn more (IDC, SANS)
• CISSP median income: $95,155 (SANS)
• Salary increases outpacing other IT fields (IDC)

Internally, your certification may lead to a promotion or raise; your mileage may vary


Individual Needs: See the World!

Great demand for certified individuals around the world and in most industries

More job postings include requirements for (or desire to obtain) certification

Because information security is important throughout an organization, your job may evolve


Disadvantages

Significant costs are involved
• CISSP: $500 (exam), $85 (yearly dues)
• Professional training courses > $1500

Time involved to prepare for exams
• CISSP: I studied 2 hours/day for 4 months
• Professional training courses 5 days or longer

May not be seen as beneficial to current employer or management


CISSP Requirements

Commit to Code of Ethics

Have required work experience (as of 1 Oct)
• five years relevant security work -- OR --
• four years work + college degree

Pass the Examination
• 250 multiple choice questions; Six hours

Continuing Professional Education
• 120 credits per three year certification period

Pay yearly maintenance fee


CISSP CBK Areas

Access Control Systems and Methodology

Application and Systems Development Security

Business Continuity Planning and Disaster Recovery Planning

Cryptography

Law, Investigation, and Ethics


More CISSP CBK Areas

Operations Security

Physical Security

Security Architecture

Security Management Practices

Telecommunications and Networking Security


Study Methods

Professional training
• Focused, expensive, time-consuming

Self study
• Read, read, read
• Find and use collection of sample questions

Group study
• Find a group of people that will take the test about the same time
• Set an agenda; keep to a schedule


Keith’s Suggestions for Preparing for the Exam

Sign up for the test today!
• A deadline is a great motivator for study
• Schedule it out no more than 6 months, if possible

Collect your study materials
• Build a library of documents in the subject areas

Set time aside every day for study
• Avoid taking too much time off between study

Group study can be helpful for some

Find a CISSP to help mentor


In summary...

Certification will require significant effort on your part to master the subject areas

Certification can be very beneficial to your career

Your certification can be beneficial to your employer too


References

IDC, 2006 Information Security Workforce Study, October 2006.

SANS, The SANS 2005 Information Security Salary & Career Advancement Survey, January 2006.

Ronald L. Krutz, Russell D. Vines, The CISSP Prep Guide: Gold Edition, Wiley, October 2002.

Harold F. Tipton, Kevin Henry, Official (ISC)² Guide to the CISSP CBK, Auerbach, November 2006.