CISSP For Dummies. Peter H. GregoryЧитать онлайн книгу.
Building your professional brand
You are defined by more than just your job title and your certifications. As you take your career further into information security expertise (and perhaps leadership), you’ll want to establish your brand above and beyond the job you are in today. Infosec professionals tend to stay in their positions for three to four years — a small fraction of a career. Instead of remaking your brand each time you change employers, elevate your brand to set it apart from your employers. Here are some of the ways you can spread your wings:
Create a LinkedIn profile. LinkedIn has become the de-facto platform for building your brand. If you haven’t done a lot with LinkedIn, we suggest that you pick up a copy of LinkedIn For Dummies, 4th Edition, by Joel Elad (John Wiley & Sons, Inc.) and go all in.
Join (ISC)2 and other communities. You might find your niche through the (ISC)2 communities discussed earlier in this chapter, where you can help and be helped.
Use other social media. If you are serious about building your brand, you might also consider creating a professional Twitter and/or Instagram account.
Start a blog. Your opinions and insights matter, and a blog is a great way to express yourself through articles and other information about yourself and your contributions to the profession.
Print personal business cards. If you are a business-card type of person, consider getting your own business cards. Go plain or go fancy. Peter prefers the minimalist approach, as you can see in Figure 2-1.
Photo courtesy of authors
FIGURE 2-1: Make your own personal business cards.
Personal Branding For Dummies, 2nd Edition, by Susan Chritton (Wiley), is a great way to learn more about your brand and how you can use it to help others and get ahead.
Pursuing Security Excellence
We think that the best way to succeed in a security career is to pursue excellence every day, whether you’re already in your dream security job or just starting.
The pursuit of excellence may sound like a lofty or vague term, but you can make a difference every day by doing the following:
Do your best job daily. No matter what you do for a living, be the very best at it.
Maintain a positive outlook. Happiness and job satisfaction are due in large part to your attitude. Having a good attitude helps make each day better and allows you to do a better job. Because optimism is contagious, your positive outlook will encourage your co-workers, and pretty soon, everyone will be whistling, humming, or doing whatever else they do when they like their jobs. Have an attitude of gratitude.
Continually improve yourself. Take the time to read about security practices, advances, developments, and changes in the industry. Try to figure out how innovation in the industry can help you and your organization reduce risk even more, with less effort.
Understand your value. Take the time to understand how your work adds value to the organization; try to develop more ways to add value and reduce risk.
Understand the big picture of security in your organization. Whether or not you’re responsible for some aspect of security, take the time to understand your organization's principles to increase security and reduce risk. Use the security and risk management principles in Chapter 3, and see how those principles can help improve security even more. Think about your role in advancing the cause of asset and information protection in your organization.
Understand information security on a global scale. Take the time to understand big-picture trends globally: what nation-states pose the greatest threats, developments in security and privacy laws, workforce trends, and changing attitudes about information security. This information will help you stay current in this rapidly evolving industry.
If you make the pursuit of excellence a habit, you can change for the better over time. You end up with an improved security career, and your organization gets better security and reduced risk.
Part 2
Certification Domains
IN THIS PART …
Understand security and risk management concepts and principles.
Make your knowledge of asset security one of your assets.
Design and implement secure software, systems, and facilities.
Master communication and network security fundamentals.
Recognize identity and access management techniques.
Conduct security assessments, scans, testing, and audits.
Apply security operations concepts and controls.
Ensure secure software development throughout the development life cycle.
Конец ознакомительного фрагмента.
Текст предоставлен ООО «ЛитРес».
Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.