The CISSP is a very good exam. It will force you to study and understand items that fall under the "security umbrella" that you might not have originally considered. Most people have a very narrow focus and a limited view of what security is truly all about. While preparing for this exam, you may uncover other security aspects of interest to you that will help define your niche.
Since the technology surrounding business issues and government regulations are constantly changing, the security field is becoming more complex. Also, this ever-changing environment makes it harder for a "security generalist" to be effective. Therefore, I recommend you expose yourself to as many different security sectors as possible. Then, once you are CISSP certified, you can start studying one of these fields and start achieving vendor-oriented certifications that are specific to that field.
This was first published in February 2006