It is a regularly recurring discussion within organisations. When do you really know something? Organising information provision has become enormously complex. Clients cannot oversee this forest of three-letter abbreviations and have to rely on advice. I see too many professionals bluffing their way through the field based on 'a dose of common sense' and a smooth talk. I like to go one spade deeper. When a client asked me in 2019 if I could assist them in making their organisation ISO27001-proof, I replied; "yes, but". Yes, but I am going to pass the Certified Information Systems Security Professional exam first. I study for fun and this was a means to force myself to keep up. No sooner said than done. I registered at FOX-IT in Delft and followed the training from January to July. Lovely to immerse yourself in such an uber-geek organisation.

Een CISSP certificering is drie jaar geldig. Intussen dient de professional aantoonbaar zijn vak bij te houden door zelfstudie en  training. Inmiddels heb ik voldoende “CPE’s” gehaald om het CISSP label ook voor de periode 2023 – 2026 te kunnen dragen.

Update (aug 2023): CISSP certificering verlengd tot augustus 2026