Showing posts with label (ISC)² training. Show all posts

Thursday, 11 August 2016

Why CISSP is a must have certification, now more than ever


ISC2's CISSP course is essential if you're pursuing a senior role in Information Security. CISSP provides an extensive overview of the Common Body of Knowledge (CBK): a compendium of information security practices and standards compiled and continually updated by (ISC)2.

CISSP is integral in developing an extensive understanding of information security and has gained importance as a key component in the selection process for management-level information security positions. But, for those that are unfamiliar, here are the top reasons why CISSP is the certification to choose, now more than ever.


1. Worldwide recognition:


A certification is only as good as the recognition attached to it. Unlike many standard certs, CISSP boasts industry-wide recognition, acknowledged in 2015 by SC Magazine (for the fifth time) as the ‘Best Professional Certification Program’.

This Gold Standard credential is not only recognised by the world’s leading multinationals - such as Google, IBM and P&G - it’s also deemed a requirement in 56% of cyber jobs in the contracting industry. If you’re looking to take on the complicated world of IT security, a CISSP certification is a must have.






2. Job competence:


The 2015 (ISC)2 Global Workforce Study found that the attributes that best characterise ‘successful’ information security professionals came down to a broad understanding of the security field, communication skills and awareness of the latest security threats.


2015 (ISC)2 Global Information Security Workforce Study

CISSP’s core content, seen in the domains listed below, actively seeks to develop this wide range of information and security management. The CISSP CBK consists of the following eight domains:
  • Security and Risk Management: Addresses a broad spectrum of general information security and risk management topics.
  • Asset Security: Addresses the collection, handling and protection of information throughout its life cycle. 
  • Security Engineering: Is the practice of building information systems and related architecture that continue to deliver the required functionality in the face of threats that may be caused by malicious acts. 
  • Communication and Network Security: Encompasses the network architecture, transmission methods, transport protocols, control devices and the security measures used to maintain the confidentiality, integrity and availability of information transmitted over both private and public communication networks. 
  • Identity and Access Management: Involves provisioning and managing the identities and access used in the interaction of humans and information systems, of disparate information systems and even between individual components of information systems. 
  • Security Assessment and Testing: Involves the evaluation of information assets and associated infrastructure using various tools and techniques for the purposes of identifying and mitigating risk. 
  • Security Operations: Involves the application of information security concepts and best practices to the operation of enterprise computing systems.
  • Software Development Security: Involves the application of security concepts and best practices to production and development software environments. 
The Global Workforce study also compares the job roles of (ISC)2 members versus non-members. 

The findings show those with an (ISC)2 certification such as CISSP, although in possession of a wide range of information, are more likely to take on specialised job roles. Examples of such specialist positions include Security Consultant, Security Architect, Information Assurance Manager or Security Advisor. Nannette Ripmeester, founder of Expertise in Labour Mobility, believes these “specific skills are valued more [by employers] because they are more difficult to teach”. Non-members, however, are more likely to have generalist IT roles such as Network Administrator, Security Systems Administrator or Technical Consultant. 



3. (ISC)2 Membership:

Once you have completed an (ISC)2 certification and subject to annual maintenance fees, you become an (ISC)2 member. This membership offers plenty of resources and benefits that can help further your knowledge and network. Some of these include:

  • Access to a vast network: With over 110,000 members across 160 countries, you will gain access to other CISSP certified individuals and the shareable knowledge of this community. 

  • The opportunity to earn CPEs - critical for maintaining your certification in good standing

  • Discounts on industry conferences and access to free online events. 

  • Access to industry-leading research: Includes the ISC Journal and the Global Information Security Workforce Study. 
  • Security central: An exclusive resource that researches and tracks vulnerabilities using proprietary, state-of-the-art algorithms to aggregate, categorise and prioritise vulnerabilities affecting tens of thousands of products.
  • Industry recognition: An event acknowledging distinguished information security professionals. 
  • Digital badges: Allows you to share your credentials online through the use of a badge.

4. Earning potential:


The CISSP certification proves you have the advanced skills, knowledge and commitment required to command higher wages.

The challenging standards require students to have at least 5 years of experience in two of the eight (ISC)2 domains listed above. Additionally, the student must complete a 250 question multiple choice exam in order to be officially certified.

Although a difficult process, requiring students to fully understand the CBK and framework of information security practices and standards, the return on investment makes it one of the most highly sought after courses available. 


Those with a CISSP certification command an average salary of £76,700, compared with £62,500 for similar job titles without a CISSP certification.



5. Growing demand for Security Professionals/Higher spending on IT security:


CISSP has and is likely to always remain a well-performing certification, but what makes it so special today?

As businesses become increasingly dependent on information technology, cyber security has never been so important. Cybersecurity Ventures projects $1 trillion will be spent globally on cyber security from 2017 to 2021. Editor-In-Chief, Steve Morgan, stated that “IT analyst forecasts are unable to keep pace with the dramatic rise in cyber-crime”. Forbes echoed this in a recent article, stating that the booming cyber security market is expected to grow from $75 billion in 2015 to $170 billion by 2020.

Despite the industry experiencing rapid growth, (ISC)2 found that by 2019 there will be a shortage of 1.5 million information security professionals. So, not only is CISSP a qualification that can propel your IT career, its current high demand in a growing industry makes 2016 the best time to start.





Friday, 31 October 2014

(ISC)2 CISSP – Official vs. Unofficial




Unofficial training can often seem like a more viable alternative to its official counterpart. It may often be cheaper, but it’s a false economy – you might not be aware of all the benefits of official training.

How much better really is it to get your CISSP with an official (ISC)2 provider?

Instructors


With an authorised (ISC)2 training provider, you’ll be learning from official CISSP instructors, vetted and trained by (ISC)2 themselves.

Conversely, unauthorised instructors are not taught or trained to deliver official (ISC)2 material. There’s no vetting process for unauthorised instructors, so you’ll be relying on your training provider’s opinion and this might not align with (ISC)2’s strict guidelines.


Course material


When going official you’ll get the latest (ISC)2 training materials.  When considering that the CISSP exam questions are entirely rewritten roughly every two months, possessing this up-to-date material is crucial.

(ISC)2 make sure their exams continually evolve and stay current with information security trends and practices.  Every CISSP exam even features a set of secret ‘dummy questions’ (questions which won’t count towards your final score but are used by (ISC)2 to gauge the suitability of new exam questions).

(ISC)2 are clearly committed to staying up-to-date. To beat the CISSP exam, you’ll have to as well. This means getting access to official (ISC)2 course material.

Use unofficial course material and you run the risk of studying a dated curriculum and obsolete materials. This is because unofficial courses simply don’t have access to the official material.


Practice exam papers


We’ve all taken advantage of practice exam papers as a brilliant method of revision. Nothing can beat the realism that a practice paper provides; knowing exactly what you’re up against can often mean the difference between a pass and a fail.

Going into an exam without having seen a past paper can be a gruelling experience. Luckily, authorised (ISC)2 training providers have access to official past papers.

Unfortunately, unauthorised training providers just don’t have access to these infinitely useful revision tools. Worst case scenario, you’ll be working on questions which just aren’t aligned to the exam you’re about to take.


Taking the exam


Official (ISC)2 training providers are able to provide your exams onsite. That means you won’t have to spend £498 on the exam voucher and get yourself down to an exam centre.

Instead, you’ll just be sitting your exam in the same facility that you’re already studying in. As you might imagine, unofficial providers can’t offer the exam – you’ll have to make your own arrangements.


Bonus: Get CISSP certified with the only official (ISC)2 provider in the UK

Firebrand are immensely proud to be the only official (ISC)2 training provider in the UK. This CISSP course just doesn't compare. Here’s just how different it is:


You’ll get certified in only 7 days and still get more hours of learning than anywhere else

Firebrand’s official (ISC)2 CISSP Boot Camp is just 7 days. This includes taking and passing your CISSP exam as well as receiving your instant exam results at the training facility on the last day of the course.

Your learning day will last from 9:00am to 9:00pm – that’s 12 hours of actual training each day. With the best similar training providers you’ll only be learning from 9:00am – 5:00pm.

On day 6 of our 7 day course, you’ll get an entire 12 hour exam preparation day. During this day your (ISC)2 authorised instructor will explain the methods and techniques you need to know to pass your exam.

No distractions

You’ll be better prepared to achieve first-time success when you can focus entirely on achieving your CISSP for seven entire days. And once your exam is completed on your last day, your objective is complete, in no time at all.

You’ll essentially be putting a ‘Do Not Disturb’ sign up on the door to your life. So far Firebrand has trained over 55,000 students in this total-immersion and distraction free environment.

And…

That’s not to mention that other training courses don’t provide accommodation, an exam voucher or even exam delivery.

Find out more about Firebrand’s unique CISSP course on the Firebrand website.

Related articles:

- How to become a CISSP
About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Friday, 24 October 2014

How to become a CISSP




CISSP is a global standard, widely recognized as the information and cybersecurity benchmark certification.

It’s an advanced cert that demonstrates a wealth of IT security knowledge and experience. If you want to ascend the ranks of information security, a CISSP can be an incredibly valuable asset.

The CISSP is a demonstration of your information security acumen and a fundamental step for the senior role of Chief Information Security Officer (CISO). With the CISSP, you’ll have a common baseline and standardisation of knowledge, a proven record of ethics and a solid reputation of professional conduct (crucial for a business leader and anyone striving for senior level positions).

How to become a CISSP

The journey to becoming a CISSP takes hard work and dedication. If it didn’t, this certification wouldn’t be so valuable.

There are five steps to becoming a CISSP (and maintaining the certification):
  1. Meet the experience requirements
  2. Pass the exam 
  3. Obtain an Endorsement
  4. Prepare for an Audit
  5. Recertification


1. Meet the experience requirements 

In order to even register for your CISSP exam, you’ll need to prove you possess five (or more) years of professional experience in information security. 

Plus, your history of professional experience must have involved at least two of the following 10 domains present in the CISSP Common Body of Knowledge (CBK):

  1. Access Control
  2. Telecommunications and Network Security
  3. Information Security Governance and Risk Management
  4. Software Development Security
  5. Cryptography
  6. Security Architecture and Design
  7. Operations Security
  8. Business continuity and Disaster Recovery Planning
  9. Legal, Regulations, Investigations and Compliance
  10. Physical (Environmental) Security 

(ISC)2 provide one-year reductions in professional experience if you possess one of the following:

  • A four-year college degree
  • You hold a credential from (ISC)2’s approved list. Examples include: MCSE, MCSA, MCITP, CompTIA Security+, the CISA / CISM and the CCNP (to name just a few)
  • An advanced degree in information security from the U.S. National Centre of Academic Excellence in Information Assurance Education (CAE/IAE)

It’s worth noting that you cannot combine these qualifications: regardless of how many you possess, you can only receive a maximum reduction of one year.


2. Pass the exam

So you’ve accumulated 5 years of information security experience (or 4 years with the 1 year waiver) and your work embraces two of the 10 CISSP CBK domains.

But before you can even sit the exam you’ll also have to complete the Candidate agreement, confirming your aforementioned experience, and legally committing to the Code of Ethics. You’ll then be required to successfully answer four questions regarding your criminal history and related background.

Now you just need to pass the exam, right? Well, as you can imagine, passing the CISSP exam is going to take some serious preparation.

In fact, in the words of (ISC)2 – ‘The vast breadth of knowledge and experience required to pass the CISSP is what sets it apart.’

The CISSP exam will test your knowledge of the 10 CISSP domains. Achieving the standard of knowledge you need to pass the exam takes time and dedication.

Many CISSP holders recommend taking up to 15 days off work, just to round off your 4 month revision journey. If you can’t afford to take this much time off work, there are always more efficient ways to achieve your CISSP, like training courses of varying speeds.

Now, book the exam – do it early and you’ll save money. But, please note: some training providers do include the exam cost in their training package.

Either way, it’s time for your exam. Be ready for a test of endurance – you’ll have 6 hours to answer as many of the 250 multiple choice questions as you can. 
 

3. Obtain an Endorsement 

Congratulations, you passed your exam! But you’re not done yet. You’ll now have to ask an active (ISC)2 credential holder to attest to your industry experience. They’ll have to fill out an endorsement form for you. Once (ISC)2 receives and approves the endorsement, you can finally take up the mantle of a fully-qualified CISSP.


4. Prepare for an audit

(ISC)2 randomly submits some of its CISSP professionals to audits. It’s never a good idea to skew the facts on your application, especially so if you’re singled out for an audit.

If you are found to have incorrect or falsified data on your application, you’re going to lose your CISSP. Honesty really is the best policy.


5. Maintaining your certification 

To remain a member of the (ISC)2, and to keep your CISSP certification, you must:

  • Abide by the (ISC)2 Code of Ethics
  • Obtain and submit the required Continuing Professional Education credits (CPEs)
  • Submit Annual Maintenance Fees (AMFs) upon receipt of annual invoices

The information security landscape is constantly in flux. As a result, your CISSP must be maintained with CPEs – a minimum of 20 CPEs every year for the first two years of the three-year cycle.

Even if you satisfy the CPE requirements of your first or second year, your tally must still equal 120 by the end of the third year.

CPEs can be gained through live educational events and online seminars (available to (ISC)2 members only).

If your certification is terminated, you’ll need to retake the examination before you can return to being CISSP certified. You’ll also be charged a $35 reinstatement fee upon recertification (though this pales in comparison to working through the 6 hour exam once more).



Got what it takes?

If you’ve got the experience, determination and drive to crush the CISSP but don’t want to take several weeks off work – try an accelerated course. You could be certified in only 5 working days.



About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Thursday, 16 August 2012

Free (ISC)2 Study Guide

(ISC)2 is offering a free (ISC)2 Study Guide for every exam scheduled with Pearson Vue before March 1, 2013.

The International Information Systems Security Certification Consortium (ISC)² is the global leader in educating and certifying information security professionals throughout their careers. Certifications by (ISC)2  are seen as one of the key components in the selection process for management-level information security positions.

All you have to do is enter promo code TEXTBOOK to receive this offer. It is also available for almost all credential exams (CISSP, SSCP, CAP, CSSLP, ISSAP, ISSMP).



Tuesday, 20 March 2012

(ISC)2 Expands Associate Program


(ISC)2 recently expanded its opportunities for professionals who have the textbook knowledge, but not the experience to earn the full-fledged (ISC)2 certifications. To become an (ISC)2 Associate, professionals must pass the same exam as their more experienced peers.

If the candidate gets the required experience within the time period specified, the individual then obtains the full-fledged certification. Associate status is currently available for CSSLP, CAP, CISSP, and SSCP certifications.

Tuesday, 22 June 2010

Check out the (ISC)² Online Resource Guide

International Information Systems Security Certification Consortium (ISC)² is a global, not-for-profit information security specialist.

The organisation that has developed the CISSP, CSSLP and SSCP certifications offers an Online Resource Guide. It is a portal for information and application security professionals around the world.

The 'Market Square' section has been introduced to offer deals, career services and free resources. This includes: industry classifieds, career connections and the resource library.