Life has been fairly quiet in the Midwest over the last few weeks, well at least at my house. Especially since I stopped answering the phone after working hours - I live in a swing state so I am being inundated with calls for this candidate and that candidate and the surrounding support groups. It has made it a bit difficult to study...
Yes, I said study.
I am getting ready to go take the CISSP exam on November 1. I will share some of my experience in the next few days. I was long hesitant to get the certification mostly because I did not see the value and did not think I needed to have it.
Well, I recently decided that I was going to look for another opportunity and quickly discovered that although I could get my foot in the door for an interview, I was having difficulty closing the deal because somewhere along the line the company had chosen to require that the new employee be a CISSP. I also had been part of an interesting discussion at the RSA conference in April discussing the merits of getting certified. Most everyone agreed that having a CISSP was not necessarily an indicator of the capacity and capabilities of a person, but that it was a simple equation: if the company is asking that you have it, you need to have it, and if you do not, you probably won't make if past the initial resume review. I liken it back to having an MCSE in the late 90's or right after Y2K, not necessarily a ticket to the job, but it definitely gets you on to the correct platform to catch the train (or the hand cart, depending upon how many positions the company had).
If anyone is interested in attending the upcoming CSI 2008 conference in DC November 15-21, the Security Bloggers Network has been offered a discount code to give out to all of our readers - BLOG25. This will get you a 25% discount for conference regsitration.
Be safer out there,