I am currently earning my bachelor's in security management, and I want to earn the CISSP certification. I have
no security experience in the military, private or public sectors. I have a certificate of completion of an IT program that readied me for the A+, Linux +, Network + and MCSE certifications, but I have yet to earn them since I started earning my security bachelor's degree. What degree path or major should I take to get into a career that could help me earn and use a CISSP cert?
One of the requirements of a CISSP certification is to have four years of practical experience as a full-time security professional, so it'll be a while before you are eligible to get the certification.
In the meantime, I think you should concentrate on the fundamentals of computer systems design, programming and other foundational aspects of modern IT. If you don't understand how applications are built, how Web sites are deployed and how networks operate, it will be very hard for you to learn how to protect them. Many younger folks want to jump into the cool aspects of network and systems protection without first having fully understood the fundamentals of computer science. And without more specifics on the IT program you completed, I can't comment on its value.
In terms of majors, anything related to computer science and/or engineering will give you the background you need to study information security. I studied operations research and industrial engineering in college, and although that isn't exactly applicable to information security now, it gave me enough fundamentals to be able to learn what I needed to know.
You also may want to consider interning or getting a part-time job with the IT department at your school. Secondary education networks are perhaps one of the hardest to secure due to the open nature of academic research and the fact that it's politically incorrect to tell students they can't do things. So if you cut your teeth in that kind of environment, you'll be well prepared for what the "real" world has to offer and you'll get that CISSP certificate before you know it.
- In this SearchSecurity.com Q&A, discover which security certifications, such as CISSP and CISA, comply with specific objectives.
- Contributor Peter H. Gregory explains how CISSP training can help information security practitioners succeed in compliance related situations.
Dig deeper on CISSP Certification
Related Q&A from Mike Rothman, Contributor
In the world of security certifications, what is the GISP and how alike is it to the CISSP? In this security management expert response, learn about ...continue reading
Depending on your enterprise, it may or may not be necessary to utilize a QSA. In this security management expert response, learn how to determine ...continue reading
When developing software securely, what role does gap analysis play? In this security management expert response, learn how to implement gap analysis...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.