CISSP For Dummies. Peter H. Gregory
Чтение книги онлайн.
Читать онлайн книгу CISSP For Dummies - Peter H. Gregory страница 21
Название: CISSP For Dummies
Автор: Peter H. Gregory
Издательство: John Wiley & Sons Limited
Жанр: Зарубежная компьютерная литература
isbn: 9781119806905
isbn:
Finding a mentor, being a mentor
If you’re somewhat new to infosec (and even if you’re not!), and you find yourself asking many questions about your career, perhaps you would benefit from a mentor. A mentor is someone who has lived your professional lifestyle and been on the security journey for many years.
We suggest you shop around for a mentor and decide on one after talking with a few prospects. Mentors often have different approaches, from casual discussions to more structured learning.
If you’re not sure where to find a mentor, start with one or more of your area's local security organizations or activities. You may have to find a long-distance mentor if you live outside a major city, but the experience can still be rewarding!
As you transition in your career from a security beginner to a security expert, consider being a mentor yourself. You’ll find that although you’ll be helping another aspiring security professional get their career started, you’ll also learn quite a bit about security and yourself along the way.
Building your professional brand
You are defined by more than just your job title and your certifications. As you take your career further into information security expertise (and perhaps leadership), you’ll want to establish your brand above and beyond the job you are in today. Infosec professionals tend to stay in their positions for three to four years — a small fraction of a career. Instead of remaking your brand each time you change employers, elevate your brand to set it apart from your employers. Here are some of the ways you can spread your wings:
Create a LinkedIn profile. LinkedIn has become the de-facto platform for building your brand. If you haven’t done a lot with LinkedIn, we suggest that you pick up a copy of LinkedIn For Dummies, 4th Edition, by Joel Elad (John Wiley & Sons, Inc.) and go all in.
Join (ISC)2 and other communities. You might find your niche through the (ISC)2 communities discussed earlier in this chapter, where you can help and be helped.
Use other social media. If you are serious about building your brand, you might also consider creating a professional Twitter and/or Instagram account.
Start a blog. Your opinions and insights matter, and a blog is a great way to express yourself through articles and other information about yourself and your contributions to the profession.
Print personal business cards. If you are a business-card type of person, consider getting your own business cards. Go plain or go fancy. Peter prefers the minimalist approach, as you can see in Figure 2-1.
Photo courtesy of authors
FIGURE 2-1: Make your own personal business cards.
Personal Branding For Dummies, 2nd Edition, by Susan Chritton (Wiley), is a great way to learn more about your brand and how you can use it to help others and get ahead.
Pursuing Security Excellence
We think that the best way to succeed in a security career is to pursue excellence every day, whether you’re already in your dream security job or just starting.
The pursuit of excellence may sound like a lofty or vague term, but you can make a difference every day by doing the following:
Do your best job daily. No matter what you do for a living, be the very best at it.
Maintain a positive outlook. Happiness and job satisfaction are due in large part to your attitude. Having a good attitude helps make each day better and allows you to do a better job. Because optimism is contagious, your positive outlook will encourage your co-workers, and pretty soon, everyone will be whistling, humming, or doing whatever else they do when they like their jobs. Have an attitude of gratitude.
Continually improve yourself. Take the time to read about security practices, advances, developments, and changes in the industry. Try to figure out how innovation in the industry can help you and your organization reduce risk even more, with less effort.
Understand your value. Take the time to understand how your work adds value to the organization; try to develop more ways to add value and reduce risk.
Understand the big picture of security in your organization. Whether or not you’re responsible for some aspect of security, take the time to understand your organization's principles to increase security and reduce risk. Use the security and risk management principles in Chapter 3, and see how those principles can help improve security even more. Think about your role in advancing the cause of asset and information protection in your organization.
Understand information security on a global scale. Take the time to understand big-picture trends globally: what nation-states pose the greatest threats, developments in security and privacy laws, workforce trends, and changing attitudes about information security. This information will help you stay current in this rapidly evolving industry.
If you make the pursuit of excellence a habit, you can change for the better over time. You end up with an improved security career, and your organization gets better security and reduced risk.
Part 2
Certification Domains
IN THIS PART …
Understand security and risk management concepts and principles.
Make your knowledge of asset security one of your assets.
Design and implement secure software, systems, and facilities.
Master communication and network security fundamentals.
Recognize identity and access management techniques.
Conduct СКАЧАТЬ