cissp

Journey to the CISSP

Euan

Sep 1, 2024 • 2 min read

It was never my intention to pursue the CISSP certification. However, in 2019, I considered obtaining the SSCP as a stepping stone towards CISSP. At that time, I was deeply entrenched in a technical role, dealing with the daily intricacies that justified my need for the SSCP. Despite my initial plans, I postponed my pursuit of the certification throughout 2019.

The COVID-19 pandemic in 2020 prompted me to reassess my certification path. As we all adapted to remote work and faced grim news of increasing illness worldwide, professional certifications took a back seat in my priorities. The isolation and lockdowns that persisted into 2021 made it challenging to focus on furthering my skills in either SSCP or CISSP.

However, I realised that transitioning from a team leader and technical role to leadership and management would be a logical progression. In 2021, I decided to tackle the CISSP certification head-on. I had always admired those who had obtained this prestigious credential, knowing full well the exam's difficulty and the breadth of knowledge required. With eight domains to master, it's often said that CISSP is "a mile wide and an inch deep" – a sentiment I encountered repeatedly during my research and conversations with certified professionals.

As 2022 passed without progress, in March 2023, I resolved to book my CISSP exam for August, believing it would provide ample time for preparation and the furthest away date possible. However, as April and May passed, I realised that I had not done enough. Despite having some industry experience, I needed more in-depth knowledge to tackle this exam.

Consequently, I dedicated almost every weekend in June and July to studying the eight domains of the CISSP while juggling life, work, family, and friends. The enormity of the exam became apparent as I delved into topics like cryptography, secure development life cycles, and risk management. It was evident why the CISSP is so sought after and respected in the industry - it demands time, dedication, and experience.

A couple of weeks before the exam, I planned my remaining study time meticulously. I took an entire week off work to study but still felt unprepared. Nevertheless, I read, watched, listened, questioned and practised as much as possible.

On the day of the exam, I was acutely aware of the financial investment I had made in myself, I had not just funded the exam but the courses, the books, the training material.

Sitting down in the exam room for four hours and answering at least 125 questions was daunting. As I approached question 125 with only 15 minutes remaining on the clock, my mind wandered to thoughts of not passing this exam but remaining focused on the question was the best and only way to keep going, almost like incident response!

When the exam ended at exactly 125 questions, I anxiously awaited my results. To my disbelief, the first line on the print out "congratulations." It took me four days perhaps more, to fully comprehend that I had passed and no longer needed to bury myself in the books.

Now in October, it has finally sunk in that I am a fully endorsed CISSP. So let’s see what’s next.

Sign up for more like this.