topic Re: Education never-ending in CPE Opportunities

Education never-ending

Lamont29 — Mon, 09 Oct 2023 08:58:40 GMT

A colleague of mine at work asked me why I am always studying as though I am preparing to take another exam. However, I think that one of the worst things that we can do as security professionals is to pass the CISSP or other high-level security exam and study less thereafter. I think that we should hit the books harder AFTER we have been successful passing the CISSP. What makes a ‘paper’ CISSP or other security professional is that lack of follow through. The CISSP, at least, is an exam that one should treat like a PhD or any other terminal degree. Your body of work isn’t complete just because you have that certification framed, in fact, your journey has only begun. The security bodies of knowledge are forever changing, and we must be prepared to meet those challenges of tomorrow.

Re: Education never-ending

CraginS — Mon, 08 Oct 2018 11:48:03 GMT

Lamont @Lamont29 has given the core reason we need to be serious about the requirement for ongoing Continuing Professional EDUCATION. Perfect. Thank you.

This logic is also why I have a personal objection to allowing volunteer work in running an (ISC)2, ISSA, or INCOSE chapter to count as CPE. This practice smells more like a bribe to help maintain chapters than actual education.

Returning to the main point, yes, ,to deserve the label of professional in our field, we all do need to stay on top of rapidly changing and expanding world. As for the commitment of a CISSP as analogous to a PhD, yes, earning a research doctorate simply says, 'OK, now you actually know how to conduct research. Now go forth and do more."

Re: Education never-ending

Lamont29 — Mon, 08 Oct 2018 12:05:08 GMT

That's a great way to sum up my point Dr. Cragin! I am actually afraid of not learning something new every day about INFO, as the size and velocity of information can be overwhelming should one rest their laurels a few weeks... Maybe days in some instances.

Re: Education never-ending

Daniel-Nash1 — Tue, 09 Oct 2018 10:19:16 GMT

Lifelong learning is a hallmark of a successful IT worker. Like your HS degree, your first bachelors and beyond, your certification initiates a new beginning. They offer a personnel and professional challenges that are milestones for each of us, though they are not an end. The broad base of the CISSP certification being that inch deep, mile wide amount of knowledge is an emphasis how how much there is to know and keep up with. The world is dynamic and it takes the philosophy of being a continuous learner just to keep in place with ourselves competent.

Enjoy the path you have chosen or that you may find has chosen you through your interests and abilities. You have achieved much and there is much more that will beacon you on this journey.

Daniel Nash, MS A, MS IT, BS, BS, CISSP, A+, Network+, I-net+, Linux+, Project+, Security+, LPIC-1, MCP, M CIW A, M CIW D, M CIW M, CIW Security Analyst, CIW Database, CCNA, Sitecore Professional Developer, SAFe Agile, ....

Re: Education never-ending

rslade — Tue, 09 Oct 2018 18:19:01 GMT

> Daniel-Nash1 (Newcomer II) posted a new reply in Certifications on 10-09-2018

> Lifelong learning is a hallmark of a successful IT worker.

One of the reasons I like security so much is that it demands you keep up, and, no matter what you learn, it seems to have a bearing on security at some point.

> Daniel Nash, MS
> A, MS IT, BS, BS, CISSP, A+, Network+, I-net+, Linux+, Project+, Security+,
> LPIC-1, MCP, M CIW A, M CIW D, M CIW M, CIW Security Analyst, CIW Database,
> CCNA, Sitecore Professional Developer, SAFe Agile, ....

...although I'm willing to concede that principle may have some limitations ...

Re: Education never-ending

Cousy14 — Wed, 24 Oct 2018 19:39:14 GMT

I agree! Well said.

Re: Education never-ending

emb021 — Thu, 25 Oct 2018 20:21:28 GMT

"This logic is also why I have a personal objection to allowing volunteer work in running an (ISC)2, ISSA, or INCOSE chapter to count as CPE. This practice smells more like a bribe to help maintain chapters than actual education."

Sorry, I disagree with this.

This is about providing leadership, something we need both in our jobs and in the larger infosec community. ISACA also provides CPEs for their certs if you are a chapter leader. No one should look at CPEs as "bribery", but sadly, we have many people, who because they aren't doing the activities they should to get CPEs, that sometimes you need to use a carrot/stick method.

Re: Education never-ending

Wemack57 — Mon, 29 Oct 2018 12:49:50 GMT

As a professional educator, I tell my students "learning is lifelong and your education is something that no one can take away from you!"

Thanks,

Warren Mack, Ph.D., CISSP

Re: Education never-ending

dcontesti — Fri, 02 Nov 2018 22:22:49 GMT

@CraginS Sorry I disagree with you on earning CPEs for running a chapter, et al. I don't see it as a bribe but rather an opportunity help develop skills other than Security (which I believe have been targeted as Group B). Running a chapter, etc., allows one to develop soft skills such as budgeting, coordination, presentation skills, working with external sources to arrange meetings, etc. which as all professionals we should be doing. So I see no problem with allowing up to 10 CPEs a year for something like this.

Also participating in the meetings themselves can aid one with interpersonal skills (also soft skills) but provide a venue to learn about new methods of working or new technologies.

I have been learning new things since the day I entered Security (one of the reasons, I like being in Security)...it challenges me daily.

Regards

Diana

Re: Education never-ending

rslade — Sat, 03 Nov 2018 18:04:51 GMT

> dcontesti (Newcomer III) posted a new reply in Certifications on 11-02-2018 06:22 PM in the (ISC)Â² Community :

> @CraginS Sorry I disagree with you

Fight! Fight! 🙂

> I don't see it as a bribe but rather an opportunity help develop
> skills other than Security (which I believe have been targeted as Group
> B).

I'm on Diana's side. Security management is a big part of security, and, if you aren't a manager, helping out with a chapter is a big opportunity to learn. (If you *are* a manager, helping out with a chapter is a good opportunity to learn a different environment. Always valuable.)

We have some supporting experience of this in the Vancouver Chapter. A few years ago we started encouraging our student members to help out in the executive. (Not just token jobs, either: real positions.) We got great benefit from their energy, but they also got terrific experience (and contacts). So much so that at least one college now considers being on our exec to be valid "work experience" in support of their academic program.

> I have been learning new
> things since the day I entered Security (one of the reasons, I like being in
> Security)...it challenges me daily.

Amen and amen.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
A man thinks that by mouthing hard words he understands hard
things. - Herman Melville
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

Re: Education never-ending

CraginS — Sun, 04 Nov 2018 14:39:23 GMT

Michael @emb021, Diana @dcontesti, and Grandpa Rob @rslade have each challenged my position that leadership or service positions in professional society chapters should not qualify for CPE credit. Your posts have caused me to think more on the topic and modify my position. I have for years considered the professional education phrase as referring to education in the central aspects of the profession, defined for CISSPs in the domains of the CBK.

However, many in the technical fields have increasingly come to recognize that technical knowledge and skill is worthless without an ability to take action and implement the results of such skills. For this reason, many across the engineering, technical, and scientific arenas have been increasing the focus on balancing technical skills with so-called soft skills. In almost any environment, the leadership and management skills for planning, organizing, communicating, directing, coordinating actions with a team are essential to actual success. As Diana implied, these skills come to bear when involved in professional society service and leadership positions, both at the chapter and at the society level.

With the above logic I hereby withdraw my assertion of bribery for service as the basis for society service CPE credit. However, now I wonder should such service be identified as a third CPE category, Type C, and limited to a reasonable proportion of the total 120 credit requirement, just as Type B general skill credits are limited? It seem that some proportion of the 120 credits should always be Type A domain-linked education.

Regards,

Re: Education never-ending

denbesten — Sun, 04 Nov 2018 19:30:34 GMT

@CraginS wrote:
...should such service be identified as a third CPE category, Type C...

It might be instructive to review page 8 of the CPE handbook and then contrast your proposed Type-C vs the existing Group-B. At the moment, I struggle to understand how there would be sufficient distinction to make it worth managing a whole new category.

One might also note that page 18 uses "Chapter formation or management" as an example of an activity that already qualifies for Group-B. Given that Group-B caps at 33%, the official rules might just be at the position that you are proposing.

Incidentally, I have always had great respect for those that are willing to be swayed by a good discussion. It is an important and natural outcome of lifelong learning. Thanks for letting us know that Diana and others have swayed your opinion. I too am open to such swaying.

Re: Education never-ending

emb021 — Mon, 05 Nov 2018 17:46:01 GMT

I don't see the value of created a "Group C" set of CPEs.

Softskills and leadership experience/training already falls into Group B, which is limited. That should be enough.

I wouldn't want anyone to get all their CPEs completed with non-technical CPEs. But they should get some credit for this.

Re: CraginS mentioned you in (ISC)Â² Community

rslade — Mon, 05 Nov 2018 20:03:59 GMT

> CraginS (Contributor III) mentioned you in a post! Join the conversation below:

> However, now I wonder should such service be identified
> as a third CPE category, Type C, and limited to a reasonable proportion of
> the total 120 credit requirement, just as Type B general skill credits are
> limited?

I could go along with that, although I wonder if it's unnecessarily complicated ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
All things considered, insanity may be the only
reasonable alternative.
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB