The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. This is so because of all the doors that certification opens to a CISSP professional. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.
In this installment, we talk
Chinyelu Philomena Karibi-Whyte
. Chinyelu shares with us why she pursued CISSP and how achieving it enabled
her to develop her career and negotiate a better salary.
What job do you do today?
I am a Cyber Security Consultant within the Cloud Infrastructure Service at a Consulting Organisation.
What problems does your company solve?
My team and I help organisations deliver secure cloud projects, ensuring cybersecurity is applied from the design stage of the project through to the delivery stage. This is to ensure cybersecurity is not placed as an after thought.
What was life like when you started out in your career in cybersecurity?
I have been working on IT hardware for 11 years and realised I had a passion for being secure in all I do. I took a work break to return to school to get an MSc degree in Cyber Security.
What was your first cybersecurity job?
A Security Consultant with a Consulting Firm. I was responsible for conducting security risk assessment for the Galileo System Data Centres. Galileo system is the European Union equivalent of the US GPS system.
Why did you first decide to get into cybersecurity?
In 2006 I wanted to specialise in a part of Information Technology at some point in my career not just being a general IT person.
I realised I had a passion for wanting to be secure at all times. That passion was what pushed me into Cyber Security. The cyber space is broad, with the surface web making up only about 20%. The rest of the cyber space which comprises of the deep web and dark web is somewhat dangerous with a lot of threat actors planning and initiating attacks. Thus keeping the cyber space secure is a goal for me.
What first attracted you to consider getting a cybersecurity qualification?
To prove I was committed and passionate about becoming a Cyber Security Professional.
Why did you decide to undertake CISSP?
Most job requirements in the Cyber Security domain had a requirement to be CISSP certified or be working towards it.
What prompted you to do that?
To enable me get into the Cyber Security role I loved.
How long did it take to achieve CISSP?
1 year and 3 months of personal study
How did you prepare for the exam?
It was all self-study. I used Shon Harris videos, 11 th Hour CISSP by Eric Conrad, ISC2 CISSP Certified Information Systems Security Professional Official Study Guide and used CISSP Official ISC2 Practice Tests and CCCure for my practice questions.
What most surprised you about CISSP?
How broad the 8 domains were and the fact that I completed the 250 questions in 4 hours instead of 6 hours.
How did it change how you approached your work?
I understand that Security is ultimately a business decision because Security exists for the business.
What were the first changes you noticed after becoming a CISSP?
I got so many interests in my CV and got interviews. CISSP enabled me negotiate a better independent contractor daily rate and employee salary.
What steps brought you to the job you do today?
My quest to keep my skills updated and my working as an independent consultant in multiple organisations, giving me different exposure to clients needs and requirements.
What is the biggest challenge you have faced in your career?
Working with a client where the environment was toxic.
What ambitions do you have for your career ahead?
To develop a security product that will reduce cyber security risks.
What is it about your job that you love?
Being able to identify all the security vulnerabilities existing within an environment and proffer ways to reduce the associated cyber risks.
What achievement or contribution are you most proud of?
Completing an MSc degree in Cyber Security and having my dissertation on Analysis of Techniques for Visualising Security Risks and Threats published.
How do you think you have personally benefited from becoming a CISSP?
Becoming a CISSP has made me approach issues in a structured and professional manner. The Code of Ethics keeps you in check and helps you remain professional in all you do.
How do you ensure your skills continue to grow?
I am involved in a lot of Continuous Professional Education. I have also gone on to obtain other Information Security certifications and have recently passed the Cloud Security exam offered by ISC2.
What do you think the biggest challenge is for cybersecurity right now?
The biggest challenge in Cyber Security is human. No matter the technical advancements, there will always be human errors occurring, be it intentional or unintentional. These risks cannot be completely eradicated but mitigated with constant security awareness and education as well as developing tools based on machine learning to predict and detect insider threats to a greater degree of accuracy.
What solutions do you think could address this?
Constant security awareness, education and training will reduce human errors in cyber security.
Who inspires you in the world of cybersecurity?
Uncountable professionals that I cannot begin to enumerate.
What do you think people considering a career in cybersecurity should know?
Cyber Security is constantly evolving. Being in Cyber Security means you have to keep updating your knowledge base to keep up with the ever changing threat landscape.
To discover more about CISSP download our Ultimate Guide. Or read our whitepaper, 9 Traits You Need to Succeed as a Cybersecurity Leader.
Or, check out more interviews with CISSPs as a part of this CISSP interview series.