By Donald C. Donzal, CISSP, MCSE 2003
Summer is upon us. It's time to put down those technical manuals and hit the beach. So grab that plastic, water-proof bag and stuff it with sunscreen, towels, water and light fiction. I can think of no better way for CISSPs and SSCPs to earn continuing professional education (CPE) credits.
It sounds odd, but if you think creatively, there are some cool ways to meet your CISSP® requirements of 120 CPEs (60 for SSCP) over a three-year period. Then again, you could always forget those CPEs and take the exam again, but who really wants to sit for another six hour exam? So let's get inspired and explore interesting ways to maintain your (ISC)2 credential.
You can go the traditional route and attend conferences such as Information Security Decisions, subscribe to industry recognized periodicals like Information Security magazine and attend top notch security training from the SANS Institute or educational programs such as (ISC)2's own Security Leadership Series. All are credible and recommended ways to keep abreast of industry trends and best practices, but there are many more CPEs yet to earn.
Before we begin, let's cover the basics. If you visit (ISC)2 on the Web (isc2.org), you'll find a list of qualifying CPE activities that include, but are not limited to, the following:
This leaves the game open to your interpretation, and that is exactly what (ISC)2 intended. Marc Thompson, Executive Vice President of the (ISC)2 Institute, says, "The whole point is to give you the freedom to choose your own destiny. After all it is your education."
So let's get to it. I put my own creative juices to the test and came up with the top 10 creative ways to earn (ISC)2 CPEs. In no particular order, here are some suggestions.
- Read The Mezonic Agenda (on the beach), by Herbert Thompson and Spyros Nomikos – This is part of the Syngress CyberFiction Series. A fully interactive game is also embedded in the storyline. Learn while being entertained.
- Post in forums – You'd do it anyway, so why not share your security war stories or your certification experience at The Certified Security Professional Online Magazine? Or, share security solutions with your peers in SearchSecurity.com's ITKnowledge Exchange.
- Volunteer at a local elementary or high school – You never know, they may just teach you a thing or two about computer security.
- Join a local users group – If you can't find one, punch your zip code into Culminis' IT Pro User Group Locator. No groups in your area? Start one! Every hour spent in meetings is eligible toward your CPE count (earn more CPEs if you are a board member), and the local networking opportunities may help your career.
- Play video games – Yes, you read that correctly. Search for 'hacker game' at download.com and check out titles such as Uplink, BS Hacker and MindLink. You'll learn security concepts while having a blast. This one may require you to be creative on your CPE submission form.
- Basket Weaving 101 – OK, it's not quite that easy, but 40 of your 120 CPEs can be professional development courses not related in any way to IT security. Let your mind go wild on this one.
- Tired of traveling? Have the CPEs come to you. Invite a security vendor to make a presentation at your company.
- Get your MBA – Sure they're a dime a dozen, but it never hurts the resume. So why not have your studies do double duty? All college courses meet the CPE requirement.
- Attend a local SearchSecurity.com event, check for seminars in your area on our events page and earn CPE credits for attendance.
As for No. 10, if you wrote this article, you would have earned 10 more CPEs!
Next month we'll cover (ISC)2's newly revamped CPE Submission Program and how that will greatly benefit all (ISC)2 certified professionals.
About the author
Donald C. Donzal, CISSP, MCSE 2003 had his first 'real' job as Systems Admin for a hospital and later formed a successful consulting business continuing his work in the medical field while expanding into the SMB and media markets. An entrepreneur at heart, he became CTO of Telco Billing Solutions, Inc. After the tech bubble burst, he accepted a position in his hometown as Director of IT for the Department of Medicine at the University of Illinois at Chicago (UIC), home to the largest medical school in the country. Taking his experience from a wide range of industries and the security concepts intertwined in each, he co-founded The Digital Construction Company in 2004. A firm believer of life-long education, Mr. Donzal is also an advocate of industry certifications as a baseline of knowledge. For this reason, he created CSP Online Magazine as a free and open exchange of security information. Still employed by UIC, Mr. Donzal continues to preach the wonders of technology through a combination of writing, speaking, studying and, of course, working in IT.
CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium Inc., also known as (ISC)2. No endorsement by, affiliation or association with (ISC)2 is implied.
This was first published in June 2005