CISSP – Security Professional

iCISSP domainsI recently was awarded my CISSP from (ISC)² and am waiting for the welcome packet.

This was a long journey for me (14 months) but I got all the way up to the exam and spent less than $100. I bought an old course for $59, the book and then a pittance on a couple of apps with practice questions.

Once I started I decided to pursue the some aspects more deeply by taking the Stanford Cryptography course and a Princeton Blockchain course.  Once learning that CISSP’s can be used as expert witnesses in cybercrime criminal cases, I also took a 48 lecture law course that included litigation process and procedure.

Recently, I was elected the Research Triangle (ISC)² Chapter President which runs from April 2018 until April 2020.

The Certified Information Systems Security Professional (CISSP) is an information security certification that was developed by the International InformationSystems Security Certification Consortium, also known as (ISC)².

The CISSP curriculum covers subject matter in a variety of Information Security topics.  The CISSP examination is based on what (ISC)² terms the Common Body of Knowledge (or CBK). According to (ISC)², “the CISSP CBK is a taxonomy – a collection of topics relevant to information security professionals around the world. The CISSP CBK establishes a common framework of information security terms and principles that allow information security professionals worldwide to discuss, debate and resolve matters pertaining to the profession with a common understanding.”

From 2015, the CISSP curriculum is divided into eight domains:

  • Security and Risk Management
  • Asset Security
  • Security Engineering
  • Communications and Network Security
  • Identity and Access Management
  • Security Assessment and Testing
  • Security Operations
  • Software Development Security