I've started the process of gathering resources for acquiring a CISSP certification. The CISSP (and certifications in general) have been mocked quite a bit in the security community. What I think most people are bothered by with certifications is that some see it as a finish line to their knowledge. In reality certifications are just the beginning.

After discharging from the Navy, I found myself out in the hot South Carolina sun that summer pulling cable for a company that, today, no longer exists. I was not getting to where I needed to be job wise. So I quit my job, spent two weeks studying, and got my CompTIA A+ certification. Within a month I was hired to fill a systems analyst level two role, in an air condition office inside a manufacturing plant. Since then, I acquired my CompTIA Network+ certification and a media arts degree from the University of South Carolina. Now it's time to shift gears and really get serious about security.

A lot of the appealing job postings I've looked at prefer (sometimes require) a CISSP certification. There are other certifications in those job postings, but the CISSP is pretty standard. Now I'm not just doing this for career advancement, I also want to explore areas of security that I haven't yet explored or haven't explored deep enough. The CISSP should give me some structure to do that. Over the next few weeks (as long as the Astros are playing baseball) I intend to collect resources on passing the CISSP examination. If you have anything to share I would love it if you would contact me via email (timothy.deblock[at]gmail.com) or on Twitter (@TimothyDeBlock). I intend to document those resources here on my website for the benefit of others.