[Owasp-portland] continuing ed

james bohem james at holycow.portland.or.us
Mon Jul 9 21:01:52 UTC 2012

On Jun 25, 12:01pm, David Pirolo wrote:
} Subject: [Owasp-portland] continuing ed
} Are there any in this group who are web developers with CISSPs (or maybe
} some other cert)?

Yes, although I don't do a lot of development these days.

} I've been considering a CISSP, but I haven't had the business
} justification to take time out of my work day to maintain it since I
} work for a marketing department and they don't really consider it much
} of a priority.

I'd say make it their priority. It should be added cred for them having a CISSP
on staff; maybe nobody ever asks them about their security credentials? 
Or, do it for yourself. Every job I've held in the last dozen years or so
has either required or desired it. 

} Outside of writing a book, I'm not crazy about spend up all my personal
} time for this so am trying to figure out if there is a way to justify it
} to a marketing department or if any of you have just bit the bullet for
} a period of time. Thoughts, insights?

Depending on your background, self-study should not consume a huge amount of
time, and I recommend that route - the prep courses are expensive and cover
what I'd consider the basics, if you have a few years of real experience.
If the test is offered again locally some time a ways out, there's likely to be a study group leading up to it you could join.

} Do OWASP meetings offer credit?

You can claim credit for chapter meetings as long as there's a security topic discussed - so ISACA and ISSA meetings locally would count, too. 

--- James Bohem

More information about the Owasp-portland mailing list