by intern4tional 3355 days ago
That's an impressive resume of roles, but security is more than just those areas.

I think the grandparent is trying to say that the CISSP is largely for non-technical security roles. People that manage large security organizations are generally believed to be the ones that benefit from the CISSP as they are not interested in the details and more on a 1000 foot strategic view.

Without knowing more details about your specific expertise, I would say you probably haven't been in a role that would benefit from the CISSP by just looking at your list. If you've been the CISO for a large company with 400+ people reporting to you doing IS work, having a CISSP should at least help you prioritize the work that needs to be done. Likewise for many companies that have non-technical management in security organizations, a CISSP helps provide some background for them.


Have you actually looked at the CISSP material recently?

It's a hodge-podge of everything under the sun. The only thing it's able to prove is that

a) you have endurance and spare time to sit for a 4-6 hour multiple choice test

b) you can commit to rote memory a bunch of meaningless material which you are unlikely to encounter in a real security/risk management role

It truly is the worst of the bunch, but for reasons yet explained, it's the de facto "must have" by bigCorps - which is why it gets picked on by so many folks: everyone knows it's bad, yet most people end up picking it up.

I haven't looked at it in years, but that hodge-podge of material was more than enough to provide an executive with the basics that they needed to know to manage an IS organization which IMO is the goal of the certificate. As others have mentioned, it is a management cert, not one for normal use.

There are plenty of worse certificates out there - I would argue that the CEH is probably the worst one at the moment (although they are making some changes to improve).

In 10+ years consulting for Fortune 100 companies, zero is the number I have seen with 400+ security staff. A 50 person security team is enormous even by the standards of financial services.

Well, then your exposure is limited. Boeing's corporate information security organization has around that number, as do several of the other major defense contractors.