Monday, August 21, 2017


As some of you know, I'm currently working on the CISSP certification. And during this time, I have asked myself this question: Why does a technical resource need this certification?
I'm sure some people will disagree, but for me, the answer is:  They don't.
I'm still going to get it, because I know people want you to have it with what I do for a living.  But honestly, the topics on the CISSP exam do not reflect what a technical person really needs to know.
However, for management, yes, I can see it. They DO need this cert, based on what I'm studying. And to me, it should be a requirement of any CISO who is actively working as a company security policy manager (because policy is what they really are supposed to do). What I'm studying is about policy, not how to stop someone from hacking into the network or even best practices with config.
CISOs get paid a lot of money. You need to require them to have this cert.

No comments:

Post a Comment

Your comment will be reviewed for approval. Thank you for submitting your comments.