cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
John
Newcomer III

Staying Certified

I have over 20 years industry experience and recently (Apr 2017) received my CISSP.  One thing that struck me in my seminar week was the number of people (almost half) who lost their certification due to lack of CPEs.  Don't let this happen to you.  Seriously.  The last thing you want is to have to fork out the money to take the test all over again.

 

CPEs are important.  They provide evidence that you are an active participant in the infosec community.  They're easy to earn, but don't shrug them off or take them lightly.  Earning CPEs will make you better at your job:

  • - Attend a conference.  I can't stress this enough.  Almost every region in the US has a weekend conference within a few hours drive.  Do it.  For about $150 and the cost of beers and hotel room, you can not only earn a ton of CPEs, you'll learn real stuff from practitioners and have the opportunity to meet your peers.  Again, do it.  I'll definitely be at THOTCON and DerbyCon, maybe Black Hat/DEF CON, so if you don't know anyone hit me up and you won't be there alone.
  • - Subscribe to the (ISC)2 Twitter feed.  Heck, if you're not on Twitter, you're not getting the latest infosec news.  (ISC)2's Twitter feed provides pretty good news and a lot of opportunities to earn CPEs.
  • - Subscribe to InfoSecurity Professional magazine.  Hey, you paid for this.  Use it.  Answer the quiz and get 2 CPEs.  That's 12 easy CPEs a year.
  • - Be social.  (ISC)2 has a ton of local chapters out there who host tons of small events.  You get credit for these.  For the small annual fees many of the chapters charge, it's worth it.
  • - Be anti-social.  (ISC)2's website has links to lots of webinars where you get credit for learning.  Not as interesting as going to live events and sharing a beer with someone, but better than watching Elf for the 47th time on Netflix.

If you or your chapter has cool ways to earn CPEs, feel free to post up.

---
You only say it's impossible because nobody's done it and lived.
29 Replies
CISOScott
Community Champion

Also ISC2's CPE website is pretty easy to use. I lost my CEH certification due to the difficulty with their CPE system. It was too frustrating and so I gave up. Not so with the ISC2 site. Also DO NOT WAIT until the end of the year to try to cram them in! You do not want to only know about the security incidents that show up in December of every year. Set yourself an email reminder that recurs every month to enter some CPE's.

Also check the email you used to register if you are going to be changing jobs. ISC2 can fix it for you but you would hate to fail a CPE audit because you changed jobs and forgot to update your email address.

 

MarkyMark
Newcomer II

Great 


@John wrote:

I have over 20 years industry experience and recently (Apr 2017) received my CISSP.  One thing that struck me in my seminar week was the number of people (almost half) who lost their certification due to lack of CPEs.  Don't let this happen to you.  Seriously.  The last thing you want is to have to fork out the money to take the test all over again.

 

CPEs are important.  They provide evidence that you are an active participant in the infosec community.  They're easy to earn, but don't shrug them off or take them lightly.  Earning CPEs will make you better at your job:

  • Attend a conference.  I can't stress this enough.  Almost every region in the US has a weekend conference within a few hours drive.  Do it.  For about $150 and the cost of beers and hotel room, you can not only earn a ton of CPEs, you'll learn real stuff from practitioners and have the opportunity to meet your peers.  Again, do it.  I'll definitely be at THOTCON and DerbyCon, maybe Black Hat/DEF CON, so if you don't know anyone hit me up and you won't be there alone.
  • Subscribe to the (ISC)2 Twitter feed.  Heck, if you're not on Twitter, you're not getting the latest infosec news.  (ISC)2's Twitter feed provides pretty good news and a lot of opportunities to earn CPEs.
  • Subscribe to InfoSecurity Professional magazine.  Hey, you paid for this.  Use it.  Answer the quiz and get 2 CPEs.  That's 12 easy CPEs a year.
  • Be social.  (ISC)2 has a ton of local chapters out there who host tons of small events.  You get credit for these.  For the small annual fees many of the chapters charge, it's worth it.
  • Be anti-social.  (ISC)2's website has links to lots of webinars where you get credit for learning.  Not as interesting as going to live events and sharing a beer with someone, but better than watching Elf for the 47th time on Netflix.

If you or your chapter has cool ways to earn CPEs, feel free to post up.


Great points, John. Getting CPE's has been a struggle for me on and off over the years. These days, it's simply harder to find time to attend these things. While I used to attend a lot of week long conferences (something like the RSA Conference will surpass your annual needs), it's harder and harder to do so lately. 

 

That said, one of the best ways IMO is to reach out to your VAR/Vendor rep etc. and see if they have lunch and learns and other industry events. Most will often have very good events on security trends or even new products (yes, some can be 'salesy', but you can still extrapolate good information from them). And more often than not, the venue are top notch. I've been to a few Cisco events that were held at Morton's or Capital Grill. Yes, you're spending 3 hours for just an hour of CPE, but you're also getting a great lunch. 

 

For those in regulated industries - contact your local LEO and see what they offer. Often times there will be fraud or cybersecurity task forces that you can join and participate in annual meetings that will not only provide great info, but also get to talk to some industry experts. A few years ago, I attended a local task force meeting that was held at the USSS training facility in MD. This included a presentation from the legal/compliance exec of Target that talked about the breach. It also included a tour of the facility afterwards and some demonstrations from the Presidential Protection Detail. 

John
Newcomer III

I agree 100%.  (ISC)2's CPE website is so easy to use, you really have no excuse for not submitting your work.  Just remember to scroll down for the Group A and Group B credits.  When I made my first submissions, I spent way too much time trying to figure out what Domain they "best fit".

---
You only say it's impossible because nobody's done it and lived.
Pcooke2002
Newcomer I

I want to also suggest:

     Linux academy.

 

They have great videos that teach Linux admin, devops, containers, big data, and cloud(aws, google, azure, openstack)   Most of the security people I run into used to be developers and systems guy but had not done it for years.   Technology changes so fast now days.  This is a great way to learn what is being taught to the guys in the trenches.

 

Videos range from 2 minutes to 1 hour.  They have hundreds of hours of videos.   They let you play with up to 6 VM's ( shutdown after 5 minutes of non-use, and deletes after 10 days of non-use)

tommym89
Newcomer I

There really are so many ways to earn CPE credits that there's really no reason anyone should let their certification expire. For example, you can even earn a lot of CPE credits each year simply by reading the InfoSecurity Professional magazine that ISC2 publishes for members and taking the quizzes. Each quiz is worth 2 CPEs.

 

https://www.isc2.org/Member-Resources/InfoSecurity-Professional-Magazine

Dakotad
Newcomer I

You are so right.  I forgot about my renewal and discovered I had less than 30 days to get my CPE's.  I did it but that was not fun.  Learned a lot about CASB's and I am glad I did.  Can you say CCSP 😉

ZippFire
Newcomer II

Great read for a newby like me.

 

Just passed my exam on SSCP and waiting for the certification to compleet.

 

It's a BIG world if you get access to the ISC2 community, and see all the content to read, to attent, see see and to hear.

Great to be part of this world.

 

Good to know where the CPE's come from and were to find them!


Jeroen van de Weerd

Loose lips sink ships....
Stu1
Viewer II

Just to add to the point on ISC2 webinars, you can use the BrightTalk app to view recorded webinars offline and earn CPEs that way too. This is useful if you spend any time public transport / commuting etc. The CPEs register automatically after a few days, if you've added your ISC member number to the BrightTalk website.

aaaguirrep
Viewer II

I am using BrightTalk website to earn CPE. I see webinar of ISC2 or other security vendors. I have registered the webinars and I have earned CPE without problems.