The CISSP is a very good exam. It will force you to study and understand items that fall under the "security umbrella"...
that you might not have originally considered. Most people have a very narrow focus and a limited view of what security is truly all about. While preparing for this exam, you may uncover other security aspects of interest to you that will help define your niche.
Since the technology surrounding business issues and government regulations are constantly changing, the security field is becoming more complex. Also, this ever-changing environment makes it harder for a "security generalist" to be effective. Therefore, I recommend you expose yourself to as many different security sectors as possible. Then, once you are CISSP certified, you can start studying one of these fields and start achieving vendor-oriented certifications that are specific to that field.
Related Q&A from Shon Harris, Contributor
When it comes to firewalls, the networking group often handles the installation, while the information security department writes the rules. Should ...continue reading
In today's security world, it's hard to keep track of each and every management standard and auditing procedure. In this SearchSecurity.com Q&A, ...continue reading
Before you begin putting the pieces of your security program together, you may want to have a look at ISO 27001. In this expert Q&A, Shon Harris ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.