The True Value of Cybersecurity Certifications
Summary
TLDRThe speaker reflects on their 30th year in the industry and their strong belief in the value of certifications. They highlight their own pursuit of top certifications like CISSP, CISA, and CCSP, emphasizing their role in validating skills and knowledge. The speaker advocates for the 'right way' to earn certifications, which involves more than just studying for the exam but also understanding the thought process behind them. They also discuss the benefits of classroom learning and the importance of vendor-neutral certifications for a holistic understanding of security controls. The conversation ends with the speaker's plans to continue pursuing certifications, aiming to complete the top 10.
Takeaways
- 🎂 The speaker is entering their 30th year and feels old, but remains a strong supporter of certifications.
- 📚 They have pursued certifications like CISSP and S Gack from the beginning of their career, emphasizing the importance of continuous learning.
- 🔍 The speaker has been observing the top 10 certifications in the industry and has acquired six of them, highlighting their dedication to professional development.
- 🛡️ Certifications are seen as a way to validate skills and knowledge, combating the imposter syndrome that many professionals face.
- 📈 The right way to approach certifications involves respecting the credential, studying the material thoroughly, and not just memorizing exam questions.
- 🤖 Certifications are not about memorizing commands but understanding situations, conflicts of interest, and best practices for information security.
- 💼 Having certifications can help secure jobs as some organizations still require credentials as a form of validation.
- 🏆 The speaker values the CISSP as a baseline certification that everyone in the industry should consider obtaining.
- 👥 Recommending classroom or boot camp experiences for certifications, as they offer unique learning opportunities through peer collaboration.
- 🌐 The speaker plans to continue pursuing certifications, focusing on vendor-neutral ones to understand the full context of security controls.
- 🚀 There's a future plan to acquire more certifications, aiming to complete all top 10, showing a commitment to ongoing professional growth.
Q & A
What is the speaker's view on the importance of certifications in their career?
-The speaker believes that certifications are valuable for several reasons, including validating skills and knowledge, combating imposter syndrome, and providing a baseline for understanding different areas within the industry.
What certifications does the speaker mention as being particularly valuable in the field of security?
-The speaker specifically mentions CISSP, CISM, CISA, CRISC, Certified Ethical Hacker, and CCSP as some of the top certifications that are valuable in the security field.
How does the speaker feel about reaching their 30th year in the industry?
-The speaker expresses that reaching their 30th year in the industry makes them feel old, but they also acknowledge it as a significant milestone.
What does the speaker consider as the 'right way' to approach certifications?
-The speaker believes the right way to approach certifications is by respecting the credential, engaging with the material deeply, learning from various perspectives, and not just studying for the practice exam.
Why does the speaker emphasize the importance of not just relying on memorization for certification exams?
-The speaker emphasizes this because they believe certifications should validate real understanding and skills, not just the ability to memorize and regurgitate information.
What does the speaker suggest about the value of certifications in securing jobs?
-The speaker suggests that certifications can help secure jobs as some organizations and industries still ask for credentials as a form of validation from candidates.
How does the speaker view the role of certifications in building confidence in one's field?
-The speaker views certifications as a way to build confidence by validating one's knowledge and skills, which can be reassuring, especially in a field as complex as security.
What is the speaker's opinion on the use of AI and its potential impact on understanding fundamental concepts?
-The speaker is concerned that reliance on AI for tasks like searching for command lines could lead to a lack of understanding of fundamental concepts, which is crucial in the field.
Why does the speaker recommend attending a boot camp or classroom setting for certain certifications?
-The speaker recommends this because of the collaboration and learning that can occur between peers, which can provide different perspectives and insights into various industries and scenarios.
What is the speaker's strategy for pursuing further certifications?
-The speaker plans to focus on vendor-neutral certifications rather than vendor-specific ones to gain a broader understanding of technologies and security controls.
Does the speaker plan to pursue all of the top 10 certifications mentioned?
-Yes, the speaker has plans to pursue all of the top 10 certifications, with a focus on continuing to learn and grow within their field.
Outlines
🎓 The Value of Certifications in Professional Development
The speaker reflects on their 30th year in the industry and their strong belief in the importance of certifications. They have pursued various certifications, including CISSP and S Gack, as a means to validate their skills and knowledge. The speaker emphasizes the right way to approach certifications, which involves more than just memorizing questions but also understanding the thought process and scenarios behind them. They highlight the benefits of certifications, such as building confidence, securing jobs, and validating one's expertise in the field. The speaker also discusses the value of in-person classes and boot camps for collaboration and learning from peers in different industries.
🚀 Pursuing Excellence Through Certifications
Continuing the discussion on certifications, the speaker shares their experience and views on the process and benefits of obtaining them. They mention the importance of passing certifications the right way, which demonstrates not only knowledge but also the ability to manage time, resources, and seek help when needed. The speaker believes that having certifications can indicate a person's capability to handle projects from start to finish. They also touch on the value of classroom settings for learning and networking across different industries. The speaker concludes by expressing their intention to pursue more vendor-neutral certifications to broaden their understanding of security controls and technologies, rather than specializing in a specific technology.
Mindmap
Keywords
💡Certifications
💡CISSP
💡SGack
💡Baseline
💡Imposter Syndrome
💡CP
💡CISA
💡CISM
💡CRISC
💡Certified Ethical Hacker
💡CCSP
Highlights
The speaker is in their 30th year and is a big supporter of certifications.
They took sand certifications in Northwest Territories and looked at base level certifications in Alberta.
The speaker considers CISSP and S Gack certifications as the next step up from base level.
They have been watching the top 10 security certifications over the last few years.
The speaker has six of the top 10 certifications, including the CP, CISA, CISM, CRISC, CEH, and CCSP.
They believe certifications are valuable for validating skills and knowledge.
The right way to pursue certifications is to respect the credential and learn from different perspectives, not just studying for the exam.
Certifications help build confidence and sometimes secure jobs as some organizations still ask for them.
The speaker found the CSSP certification to be a great baseline that everyone wants.
They believe passing certifications the right way shows you can take on a project from beginning to end.
Attending a boot camp or classroom for certifications is recommended for collaboration and learning from peers.
Different industries have different approaches to security, and certifications can help understand that.
The speaker plans to pursue the remaining certifications, focusing on vendor-neutral ones.
They aim to understand the full context of technologies and security controls rather than being a subject matter expert in a specific technology.
Transcripts
I realized that I am now in my 30th year
in it this year which really sounds
incredibly that's great which makes me
feel very old though um but one thing
that I've really been uh a you know big
uh supporter of is certifications M um
from the beginning I've
when I was even in Northwest Territories
I took some sand certifications when I
moved to Alberta I I looked at what the
base level I considered and I don't want
to say entry level as base level but I
mean the next step up uh what those are
for certifications and to me it was the
cissp and and the S gack things this
nature now I haven't done a lot of what
I call the industry level big search of
a while but I've been watching you over
the last three or four years and you're
just nailing them off and I was actually
looking at a list of the top 10 search
and you have six of them okay you have
your CP which is pretty much a a if you
want to get into security nowadays and
again I don't mean that it's entry I
mean any um not entry level but that
Baseline it's that Baseline layer
because I do believe and there's always
these talks on on LinkedIn that you
can't ask for an entry-level position
having a CSP which I agree with so
there's that there is the cisa
isaka CIS cism another isaka
certifications uh there's a isaka crisk
yes that you have um there's the
certified ethical hacker which you have
and then what's the cloud certification
you have the ccsp which is the also from
the IC Square okay yeah so you have six
of what is considered the top 10
certifications out there now so I was
going to I I do like to ask people what
what they take on certification is being
that you have six of the top 10 I'm
going to say you probably think
certifications are valuable but why did
you pursue the certifications 100% so uh
do I think it's kind of like important
or valuable yes I do uh for many reasons
one is
um it's help you validate your skills
and help you validate your knowledge
right so we are all in the industry
probably having that imposter syndrome
in terms of like um am I really um well
educated or kind of like have the
necessary skills or knowledge in certain
areas and certificates or credentials
they help you to validate that right if
you are doing it the right way so if you
are trying okay that's a key term there
so let's yeah so what define the right
way so the right way is basically you
don't just go and study for the practice
exam or kind of like some questions and
you
say exactly no you need you need really
to to respect the certificates respect
their credential and respect that many
people spend a lot of time to build that
certificates build the thought process
behind it right and read the book uh
check out resources learn from the
perspective of different people and then
definitely you need to do uh the
questions the questions help you to
understand different situations help you
understand different scenarios and
that's what I like about those
certificates is basically it doesn't
give you a multiple choice of like a
command line or whatever you to kind of
humorize which today you can Google it
you can like use geni geni to kind of
like I was just going to say AI now you
can ask AI to do a lot for you uh what
happens if everybody gets reliant on do
using Ai and then they don't understand
some of the fundamental SI you got there
exactly okay but rather they really
discuss situations they discuss conflict
of interest they discuss what is the
best action if you are trying to protect
your environment or your dat sense
information regulations all that stuff
so I found the certificate validate my
knowledge help me kind of like build
confidence in in the field and sometimes
even secure some uh some jobs like some
organizations or some Industries they
still ask for credentials they still ask
for um um validation from you right so
that's that's really the idea behind it
yeah i' I've whenever I look back at the
certifications I've taken I I I definely
see the cssp as that Baseline one that
everybody wants I personally have always
and maybe I'm biased because I took the
Sands course where you actually had to
take like the actual class and you had
to take the labs and use your challenge
at the end I found that those to me were
more worthwhile because I had to
demonstrate actually skill set yes um
but that's a a great base level um great
base layer and I always also say
that you know while I do see I do know
people out there who try to brain dump
stuff things of that nature uh I think
you can usually you should be able to
tell that through an interview process
by just a very yeah you some
very particular questions should Point
some of that out um and the people who
pass these exams the right way we'll
talk about that right way not only do we
understand that they have that base
level but I also know that they can take
on a project and if it's a some of these
search might take three to six months
again I know that they can budget time
they can study they can get the right
resources they can ask for help they've
have a process and I know they could
take on a project go from beginning to
end they invested and that tells me a
lot about uh individuals when they do uh
when they you know they have these
certifications absolutely true and um
speaking about sense for example you are
saying uh being in a classroom or um I
definitely recommend that if your budget
permits go for a boot camp go for
because like the collaboration between
you and your peers in the class is
different you can ask about certain
scenarios or situations they run into
because we are usually work with one
industry or maybe you shift to another
industry but it's really nice to see how
other people think in different
Industries or different sectors what
type of regulations they they need to
handle or deal with what type of risks
to the well Healthcare versus Financial
both could use security for but have
different exact um different approaches
to it I think that's great and um I I
kind of I wanted to finish off with just
saying that you've got six out of 10 are
you going to try to finish all 10 um I
have plans yeah awesome I on yeah I have
plans to move on definitely I still
going to focus on vendor neutral
certifications rather than vendor
specific because I think it depends on
your role what's your career goals in my
in my case is basically um um I like to
kind of like work on the whole context
or understand the full context of
Technologies the security controls
rather than focusing on or being a
subject Market expert in certain
technology right yeah no sounds good I
can't wait to see what you're going to
do next for the certifications it's
going to be um fun to watch yeah
[Music]
浏览更多相关视频
GRC Certification Roadmap v1.0: Recommended Training and Certs #cybersecurity #grc
Cyber Security Certificate Tier List – UPDATED (2023)
Google Cybersecurity vs Security+ for Beginners (ft. @JoshMadakor)
Getting Into Cyber Security: 5 Skills You NEED to Learn
Are Coding Certificates Important? AWS Certificates | AWS Certification Guide
What does a security architect do? | Cybersecurity Career Series
5.0 / 5 (0 votes)