Technologia: What exactly is the CISSP?
Patrick Chouinard: The oldest and probably the most recognized cybersecurity certification. It was created at the request of the US Department of Defense in the 1990s. It includes both technical and theoretical aspects and sort of answers the questions "what are the types of controls and how do you implement them?
T: Who is the CISSP certification for?
Patrick Chouinard: Generally, people with a minimum of technical background, who are interested in cybersecurity and who want to obtain a certification recognized in the market. It seems that a certified person can claim a salary that is 15 to 25% higher than that of a person with a similar profile, but who is not certified... For companies, it is a valued certification, because it allows them to demonstrate their knowledge of security issues, at all levels. Some companies are very proactive and do not hesitate to train their employees accordingly.
T: To be certified, do you have to pass an exam and to pass an exam, do you have to take training?
Patrick Chouinard: Training is not mandatory. It is possible to register directly to take the exam, if you are confident enough. Otherwise, a good training will prepare you for it for sure.
T: Precisely, how can you identify a good CISSP training?
Patrick Chouinard: First of all, validate that it covers the 8 mandatory fields, verify that the trainers are accredited, and if possible, confirm that it takes into account local particularities, such as law 25. Important detail: it is not uncommon to see people taking the training to have a good knowledge of security, without taking the exam, because they don't need it (like lawyers who only want to have the knowledge to advise their clients for example).
T: In I.T. the training is often in English, is that the case here too?
Patrick Chouinard: I am one of the few trainers who give the CISSP training in French in North America. In fact, I can give the training in French as well as in English. However, the exam is no longer available in French since April 2022 for an unknown reason. I hope this is temporary. For your information, the exam is available in English, Portuguese, Italian, Spanish, Chinese or Korean.
T: Should the CISSP certification be maintained?
Patrick Chouinard: Absolutely! Either by retaking the exam at regular intervals. Or by demonstrating that you have remained active in the field of cybersecurity (by taking additional cybersecurity training, attending webinars, staying informed on the subject, etc. ).
T: One final word?
Patrick Chouinard: The CISSP® certification is not only a measure of excellence in information security, but it is also recognized as a guarantee of success. This training provides an introduction to the Common Body of Knowledge of IT security and helps develop a global vision of IT security issues.
To go further :
