If you’ve embarked on your CISSP journey, or even failed the exam once (or multiple times), you may have heard the statement that “you need to grasp the mindset.” It can be frustrating if that makes absolutely NO sense to you. Believe me, Jason and I know where you are. We were once asking the same question! Don’t be discouraged; we both failed this exam on our first attempt. You’ll get this! You may just need to slightly tweak the way you’re looking at the problems.
The CISSP (Certified Information Systems Security Professional) certification, offered by (ISC)² (International Information System Security Certification Consortium), focuses on validating the skills and knowledge required to effectively design, implement, and manage a cybersecurity program. The CISSP mindset, as emphasized by (ISC)², encompasses several key principles:
1. Security Leadership:
- CISSP professionals are expected to demonstrate leadership skills in the field of information security. This includes the ability to establish and maintain a cybersecurity vision, strategy, and program aligned with organizational goals.
2. Holistic Approach:
- CISSP practitioners are encouraged to take a holistic approach to security. This means considering the entire ecosystem of people, processes, and technologies within an organization when making security decisions.
3. Continuous Learning:
- Information security is a rapidly evolving field. CISSP holders are expected to engage in continuous learning to stay updated with the latest technologies, threats, and best practices.
4. Ethical Behavior:
- CISSP professionals are bound by a strong code of ethics, which includes principles such as protecting society, the common good, necessary public trust and confidence, and the infrastructure.
5. Risk Management:
- CISSP focuses on risk management, which involves identifying, assessing, and mitigating risks. Professionals are expected to make informed decisions based on risk analysis to protect the organization.
6. Adaptability:
- The CISSP mindset emphasizes adaptability in the face of evolving threats and technologies. Security professionals need to be able to adapt strategies and practices to address new challenges effectively.
7. Resourcefulness:
- CISSP professionals are resourceful problem solvers. They are expected to find innovative and effective solutions to complex security challenges within the constraints of their organization.
8. Legal and Regulatory Compliance:
- CISSP practitioners are knowledgeable about legal and regulatory requirements related to information security and privacy. They ensure that their organizations comply with relevant laws and regulations.
9. Professionalism:
- CISSP holders demonstrate a high level of professionalism in their interactions with colleagues, clients, and the public. This includes effective communication, integrity, and a commitment to excellence.
10. Cultivating a Security Culture:
- CISSP professionals work to foster a security-conscious culture within their organizations. This involves educating employees, raising awareness about security threats, and encouraging secure behaviors.
The CISSP mindset, as promoted by (ISC)², is not just about passing an exam but about embodying these principles in one’s daily work. It’s a commitment to excellence, ethical behavior, and ongoing professional development in the field of information security.
If you’re really struggling and wondering how you can QUICKLY grasp this mindset, might I offer some help? Go check out our friend Luke Ahmed’s book entitled “How to think like a Manager, for the CISSP.” It’s an Amazon best-selling book that takes a look at 25 questions and EXACTLY how to break them down in a way that ISC2 would agree with. Just knowing how to do this is invaluable to your ability to chew up and spit out correct answer after correct answer on the actual exam.
Here’s a link to the book. Check it out! What have you got to lose?
We are a group of volunteers and opening a new scheme in our community.
Your site provided us with valuable info to work on.
You’ve done an impressive job and our entire community will be grateful to you.
That’s wonderful!
I truly love your site. Pleasant colors & theme. Did you create this website yourself? Please reply back as I’m hoping to create my own personal blog and would love to learn where you got this from or exactly what the theme is called. Appreciate it!
Hello, and thank you. Yes, we created the site ourselves using WordPress and the theme is called “Astra.”
I blog quite often and I really thank you for your content. The article has really piqued my interest.
I am going to take a note of your blog and keep checking for new details about once a week.
I opted in for your Feed as well.
That’s awesome. Thank you, Gary!!
Peculiar article, just what I wanted to find.
Hi, I wish to subscribe to this weblog to get the most recent updates, so where can I do it? Please help out.
We don’t currently have a sign up for the blog page but that’s a great idea! We’ll have to see about getting that added!
I don’t know if it’s just me or if everybody else is encountering issues with your blog. It looks like some of the written text on your content is running off the screen. Can somebody else please provide feedback and let me know if this is happening to them as well? This may be an issue with my web browser because I’ve had this happen previously.
Cheers
What browser and device type is giving you problems? It looks good on my PC in Firefox, Chrome, and in Edge. It also looks good on my Android Samsung phone in adaptive mode.