CISSP Video

Wendy Walden: Welcome back to Momentum and we are continuing our discussion on IT security for professionals and with me again is West Goewey. And this time West we are going to talk a little bit about the CISSP certification. Why don't you tell us what that large acronym stand for?

          
West Goewey:            It stands for Certified Information System Security Professional. And the thing about this class is we are offering this as a preparatory for the certification test but also it is not a requirement that you take the test. In other words an individual can come to get this knowledge base that they need for business. The big difference between the CISSP and Security Plus is the breadth of the material it is much more intense. It covers a wider area and is much more focused in ISO security standards.
           
Wendy Walden:           Is this more designed for someone that is higher up in the IT organization?
           
West Goewey:            Basically yes, it's really designed for IT professionals that want to get into to security, but it is a real good tool for managers, in management, upper management. Because what it does is give them the information they need about security for their entire organization. And whether, their probably not going to take the test, but they are going to know what they need to manage.
           
Wendy Walden:           Now you said this is a little bit more detailed than the Security Plus, explain to me what other areas it covers that Security Plus doesn't?
           
West Goewey:         It basically covers the same areas, but it is much more detailed. Where as Incrypto and Security Plus you might look at the different protocols and how they work you're going to get really in-depth with the CISSP. You're gonna have to, you're tested at a much deeper level, or the knowledge base is much deeper.
           
Wendy Walden:           Gotcha. Now there are two parts to the CISSP process, you have the classroom setting and then you have the sponsorship program where you actually go through getting certified. Let's talk a little bit about the sponsorship area.
           
West Goewey:         Yes, if you are going the take the test what you needs, you need to have three years experience, and there are several other things like with college degrees. You have to go on their website to get the newest details. But basically what you are going to do is go to their website and you are going to fill out a form to apply to take the test. It is $500 currently, as when I took my test, to take that test, and then once you have done that then you show up on test day. You take the test, and then you find out within however period that you have passed or failed. And from that point if you pass then you have to have either a CISSP or other certification professionals with security to sponsor you, like a vice president or president or IT rep.
           
Wendy Walden:           And to have someone sponsor you they are basically validating that you are who you say you are, and your credentials, your work history.
           
West Goewey:                     Yes, they are validating, validating for you.
           
Wendy Walden:           Okay, what you are and your credentials. Very good. What are the job outlooks for someone with CISSP certification.
           
West Goewey:                     Oh, they're really great, it is probably the hottest cert out right now, security cert. If you currently have certification or if you have a degree or whatever then this is going to add value to your job position, its going to add value to your pay, possibly.
           
Wendy Walden:           And again is someone is entering the IT security profession this is also a must have to do so if they are looking to advance.
           
West Goewey:                     It's a great certification.
           
Wendy Walden:           What other security classes do you currently offer at the Buck Mickel Center?
           
West Goewey:            Well we're going to be working on doing some online stuff which we'll talk about in a minute, but we also have penetration testing which is the certified ethical hacker. CEH cert and basically what you do. There is learn techniques on how networks are penetrated and you basically are doing this legally and you have been asked to do it. So you can test for weaknesses in organizations both outside and inside the firewall and there is ways to do that and we have the laboratories. It is a great cert, again you can take it without being certified but its up and coming, its really good. Then we are also going to be working on some online information, web classes that deal with employee security training that we are going to be offering.
           
Wendy Walden:           Great, Now tell us a little bit about that.
           
West Goewey:                     It's basic to the employee to teach them about attacks and job awareness, just go over the same ten domains but at a lighter level that they can understand. And give them an overall awareness of security.
           
Wendy Walden:           This sounds like its more geared toward anybody in an organization.
           
West Goewey:                     It is.
           
Wendy Walden:           Okay it is very generic, okay um, and we know that CISSP is a universal certification, and basically once you're certified in that area you can use it anywhere in the world, correct.
           
West Goewey:                     Yes, that right.
           
Wendy Walden:           Any other advantages about with regarding having CISSP.
           
West Goewey:                     It’s just a well thought of cert, um, it is very difficult to get. It’s a six hour test, so you have to be able to stand that.
           
Wendy Walden:           How long is the class?
           
West Goewey:                     The class is a week. It's either a week during the day or it's two weeks at night, Monday through Thursday. But its just a great opportunity for folks to advance in any career. If they're in IT, you've  got IT certs like MCSC, A+, Net+. If you look at the careers that are coming up and what's expected to be the highest priority of companies, it is security. And so you can't go wrong with this. We've also started a group called GASP, which is a Greenville Association of Security Professionals, which meets, it's going to be changed to the fourth Thursday of every month here at the Buck Mickel Center in room 188. And basically what we are asking for folks that are interested in security or security professionals that are with us now. And we have great group of folks with CISSP's , people that deal with email systems, security, fire walls, you name it application development, and we speakers monthly, and we also have great pizza.
           
Wendy Walden:           What are some of the topics that you cover in that?
           
West Goewey:         Well we've had three meetings, at the first meeting we did penetration testing. We were showing hacks, how they occur and how the internet developed and how the weaknesses are there. Then the next meeting we had some folks come in to talk about some CISCO products that are available to protect your network. This last meeting we had the Postmaster from NUVOX come in and talked about his side of the ISP world and mail which he sees a ton of it, and they did a great job. This next month I believe we are hosting the risk management.
           
Wendy Walden:           Good, very good, so I see you have a lot of good things on the horizon. Any other programs going on within your computer department that we need to ...
           
West Goewey:         Well folks can check Buck Mickel Center dot com for the latest, but we have a wide range of materials that we cover. Everything from applications to software development. We have a guy that's teaching for us now doing software development, you know JAVA, along that line, SEQUEL. And then we have of course the Microsoft courses for the MCSA and MCSE and we're doing a lot of courses with CISCO also. So we have a wide range of courses and the thing about it is if you need training on a particular product even if you contact us then we'll find somebody, if we don't have the expertise, to bring in to host that for you.
           
Wendy Walden:           And you customize also?
           
West Goewey:                     We customize, yes we do.
           
Wendy Walden:           You customize depending on the customers needs?
           
West Goewey:                     Yeah, like recently we had some folks come in that wanted a SEQUEL class. And so it was a Microsoft official curriculum class, but they wanted it tailored to there needs. And I was able to go in and tailor it to there needs.
           
Wendy Walden:           Well West it sounds like you've got a lot of good things going on over at the Buck Mickel Center and CISSP and Security Plus classes great classes. Thank you for joining us today and telling us about these programs.
           
West Goewey:                     Well, thank you for having us.
           
Wendy Walden:           If you are interested in learning more about Security Plus or the CISSP training feel free to give us a call at 864-250-8800 or visit us online at www.GTBMC.com and we'll be happy to send any information to you or we'll have someone who can speak to you regarding our programs. Thanks for joining us and we'll see you next time on Momentum.