The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.
In this installment, we talk to Adesoji Ogunjobi , who is passionate about cybersecurity in Africa. He is Chief Information
Technology (security) Architect and Trainer with Kavod Doyen Consulting in Lagos and talks about how this industry has changed over his 14-year
professional background and his ambitions for the future.
What job do you do today?
I work as an Information Technology Security Consultant and Trainer.
What problems does your company solve?
My company delivers assessment, training, and cybersecurity consulting services, including third-party risk assessments, IT infrastructure audits, cloud security consulting, as well as cybersecurity training. These are all the components of a mature security program that all bring value to a company.
Why did you first decide to get into cybersecurity?
I had achieved Microsoft, CompTIA, and Cisco certifications. Consequently, it dawned on me that you really cannot derive value from your IT infrastructure without thinking about security. To hone and attest to that skill, I went for ISC2's CISSP credential.
What was life like when you started in your career in cybersecurity?
When I started out, I felt unappreciated and out-of-place because no one was talking or thinking about information security. The business and senior management seemed only interested in the performance of IT infrastructure. Fortunately, this is no longer the case.
What was your first cybersecurity job?
My first cybersecurity job was as an IT Security Manager. I was employed by a person who formerly consulted for a global IT company. He left that job and became the Head of Information Technology in the company where I was employed.
Why did you decide to undertake CISSP?
I wanted to prove my skill as well as stand out. I got to know that the ISC2 CISSP is considered the Gold standard in cybersecurity.
The desire to refine my existing skills, and add security skills was what led me to study the CISSP Common Body of Knowledge.
I was blown away by the coverage of the course content. The breadth of material was mind-blowing. There and there I decided it is what I wanted - I fell in love with it.
How long did it take to achieve CISSP?
It took me 4 months to study for and then sit for the exam.I spent three months attending weekend lectures, and one month of personal study before I was ready.
Did you enroll in any training?
I enrolled with an ISC2 partner in Nigeria for the training.
What most surprised you about CISSP?
I was amazed to learn that it was a 6-hour exam, containing 250 questions! Prior to that time, I had never prepared or intended to written any exam that long with that many questions. Now that ISC2 has gone to an adaptive testing model, I am sure that is much more attractive to many potential candidates.
How did it change how you approached your work?
I started approaching the delivery of IT services with a risk-identification-mitigation mind-set. I did not want my employer to suffer preventable loss.
What were the first changes you noticed after becoming a CISSP?
During my study, and after attaining the certification, my depth of security knowledge changed, especially as it had to do with cryptography. Along with that, my self-esteem and confidence soared!
The CISSP was the reason I got my first job in a multinational financial service company, where I spent approximately 9 years.
What steps brought you to the job you do today?
Continual skill improvement is responsible for my continued progress in cybersecurity. I attend ISC2 webinars, and I participate as an exam contributor for the Certified Cloud Security Professional (CCSP) and CISSP-ISSAP certifications.
What ambitions do you have for your career ahead?
One of my aspirations is to become the ISC2 International President, as well as to consult for Multinational corporations. I have aspirations to go as far as my imagination will allow.
What achievement or contribution are you most proud of?
I am most proud of achieving my ISSAP credential. I have also helped a couple of people achieve the CISSP designation through training, mentoring, and endorsement.
What is it about your job that you love?
The most amazing part of working in cybersecurity is its dynamism and ever-evolving influence in all aspects of technology.
What is the biggest challenge you have faced in your career?
I worked for an organization with a poor cybersecurity culture. What’s worse, is that I did not see a desire that they wanted to improve it and I felt I was working there just to fulfill a requirement. It was quite unfulfilling for me personally.
How do you think you have personally benefited from becoming a CISSP?
One of the benefits is the increased exposure afforded me through this interview! In addition to this honor, the international recognition of the credential wherever I present it is a huge benefit.
How do you ensure your skills continue to grow?
Continuing education is very important to me. I continue to learn and contribute to the community by participating in training, volunteer opportunities, personal study, webinars, and wherever I can gain more knowledge.
What do you think the biggest challenge is for cybersecurity right now?
Unfortunately, one of the biggest challenges is undoing the damage caused by some people who don’t understand cybersecurity, presenting cybersecurity as complex and requiring “complex”, high-sounding technology to make it work.
What solutions do you think could address this?
A basic understanding of the fundamentals taught in ISC2 CISSP domains can go a long way towards demystifying cybersecurity.
Who inspires you in the world of cybersecurity?
Adesoji Adegunwa is the main inspiration for me. He is the person who taught me about the CISSP concepts when I started out years ago!
What do you think people considering a career in cybersecurity should know?
A cybersecurity career is a journey!
To discover more about CISSP download our Ultimate Guide . Or read our whitepaper, 9 Traits You Need to Succeed as a Cybersecurity Leader .
Or, check out more interviews with CISSPs as a part of this CISSP interview series.