News

Continuing education options for CISSPs: Top 10 ways to earn CPEs

Who says you can't have fun while earning CPE credits? Check out the top 10 ways to meet CISSP® and SSCP continuing professional education requirements.

Published: 22 Jun 2005 1:00

By Donald C. Donzal, CISSP, MCSE 2003

Who says you can't have fun while earning CPE credits? Check out the top 10 ways to meet CISSP and SSCP continuing professional education requirements.

Summer is upon us. It's time to put down those technical manuals and hit the beach. So grab that plastic, water-proof bag and stuff it with sunscreen, towels, water and light fiction. I can think of no better way for CISSPs and SSCPs to earn continuing professional education (CPE) credits.

@11656 It sounds odd, but if you think creatively, there are some cool ways to meet your CISSP® requirements of 120 CPEs (60 for SSCP) over a three-year period. Then again, you could always forget those CPEs and take the exam again, but who really wants to sit for another six hour exam? So let's get inspired and explore interesting ways to maintain your (ISC)2 credential.

You can go the traditional route and attend conferences such as Information Security Decisions, subscribe to industry recognized periodicals like Information Security magazine and attend top notch security training from the SANS Institute or educational programs such as (ISC)2's own Security Leadership Series. All are credible and recommended ways to keep abreast of industry trends and best practices, but there are many more CPEs yet to earn.

Before we begin, let's cover the basics. If you visit (ISC)2 on the Web (isc2.org), you'll find a list of qualifying CPE activities that include, but are not limited to, the following:

  • Attending educational courses or seminars
  • Attending security conferences
  • Being an active member of an association chapter
  • Listening to vendor presentations
  • Completing university/college courses
  • Providing security training
  • Publishing security articles or books
  • Serving on industry boards
  • Self-study
  • Volunteer work, including (ISC)⊃2; volunteer committees

    This leaves the game open to your interpretation, and that is exactly what (ISC)2 intended. Marc Thompson, Executive Vice President of the (ISC)2 Institute, says, "The whole point is to give you the freedom to choose your own destiny. After all it is your education."

    So let's get to it. I put my own creative juices to the test and came up with the top 10 creative ways to earn (ISC)2 CPEs. In no particular order, here are some suggestions.

    1. Read The Mezonic Agenda (on the beach), by Herbert Thompson and Spyros Nomikos – This is part of the Syngress CyberFiction Series. A fully interactive game is also embedded in the storyline. Learn while being entertained.

    2. Post in forums – You'd do it anyway, so why not share your security war stories or your certification experience at The Certified Security Professional Online Magazine? Or, share security solutions with your peers in SearchSecurity.com's ITKnowledge Exchange.

    3. SearchSecurity's Security School webcasts – Don't sit in a classroom gazing out the window at the wonderful summer weather. Take your laptop outside and learn about Web security or e-mail security at your own pace.

    4. Volunteer at a local elementary or high school – You never know, they may just teach you a thing or two about computer security.

    5. Join a local users group – If you can't find one, punch your zip code into Culminis' IT Pro User Group Locator. No groups in your area? Start one! Every hour spent in meetings is eligible toward your CPE count (earn more CPEs if you are a board member), and the local networking opportunities may help your career.

    6. Play video games – Yes, you read that correctly. Search for 'hacker game' at download.com and check out titles such as Uplink, BS Hacker and MindLink. You'll learn security concepts while having a blast. This one may require you to be creative on your CPE submission form.

    7. Basket Weaving 101 – OK, it's not quite that easy, but 40 of your 120 CPEs can be professional development courses not related in any way to IT security. Let your mind go wild on this one.

    8. Tired of traveling? Have the CPEs come to you. Invite a security vendor to make a presentation at your company.

    9. Get your MBA – Sure they're a dime a dozen, but it never hurts the resume. So why not have your studies do double duty? All college courses meet the CPE requirement.

    As for No. 10, if you wrote this article, you would have earned 10 more CPEs!

    Next month we'll cover (ISC)2's newly revamped CPE Submission Program and how that will greatly benefit all (ISC)2 certified professionals.

    About the author
    Donald C. Donzal, CISSP, MCSE 2003 had his first 'real' job as Systems Admin for a hospital and later formed a successful consulting business continuing his work in the medical field while expanding into the SMB and media markets. An entrepreneur at heart, he became CTO of Telco Billing Solutions, Inc. After the tech bubble burst, he accepted a position in his hometown as Director of IT for the Department of Medicine at the University of Illinois at Chicago (UIC), home to the largest medical school in the country. Taking his experience from a wide range of industries and the security concepts intertwined in each, he co-founded The Digital Construction Company in 2004. A firm believer of life-long education, Mr. Donzal is also an advocate of industry certifications as a baseline of knowledge. For this reason, he created CSP Online Magazine as a free and open exchange of security information. Still employed by UIC, Mr. Donzal continues to preach the wonders of technology through a combination of writing, speaking, studying and, of course, working in IT.

    CISSP® is a registered certification mark of the International Information Systems Security Certification Consortium Inc., also known as (ISC)2. No endorsement by, affiliation or association with (ISC)2 is implied.

    • Read more on IT risk management