Benjamin Collar, CISSP
Welcome back to CyberVista’s Student Spotlight Series. In this series we talk to newly-minted CISSPs who used the CyberVista system to earn their cert. This episode we talked with Benjamin Collar, Manager of Cybersecurity Research Group in Corporate Technology at Siemens. The following interview has been edited for clarity and brevity.
CyberVista: You and your team help businesses identify changes in the cybersecurity landscape. So, what is the future of cybersecurity?
Ben Collar: It changes every three minutes. But a big trend I see is that as we move toward Internet of Things [IoT]-style technologies, we have so many challenges. Privacy challenges, maintainability challenges- can you patch it? What’s its uptime? And so on. Those IoT devices are getting more embedded into life. We have real autonomous systems out there that are beginning to interact. We cannot make the same mistake where we deploy everything, and then think about cybersecurity.
CV: Who is the “we” in your answer?
BC: Everybody. People. The universe, not just Siemens. The people-side of technology is as important as the technology itself. The approach to learning, and teaching, and discussing cybersecurity for the average person is not there yet. It’s not sufficient.
CV: So how do we make education for lay people sufficient?
BC: I am a big fan of the approach of tying security to people’s everyday lives in their homes. Help people understand why it is important to protect their home network. If they believe in security at home, they are going to go do it at their workplace as well.
CV: Speaking of educating and training, what was your motivation for earning the CISSP cert?
BC: I have sufficient knowledge of cybersecurity principles, but going for a CISSP meant I had to study even deeper. And the exam material is very broad, which reflects my job. I have a huge portfolio that offers the entirety of the cybersecurity enchilada to all of my customers. I need to be able to discuss cybersecurity sufficiently and fluently to make sure I am making the right offer and assigning the right resources. The CISSP, over other certs, helps me cover the wide amount of customer engagement I have to deal with.
CV: What did you like best about your CISSP course?
BC: The online-ness. I can’t afford, time wise, to sit in a classroom for a whole week. Being able to watch the class, and participate, while trying to put my daughter to sleep, was a big boon. Also, the class was organized really well. The multiple online quizzes that we were able to take, and then learn what areas we needed to study more, was really helpful. Also, the light board is great. I loved the light board. That’s actually why I signed up in the first place.
Also, leading up to the exam I was traveling a lot. So having that cheat book [Summary Notes] was really helpful. I carried that with me on my flights and all of the important things were right in front of me.
CV: In which class did you learn the most?
BC: The midterm test taking strategies was a great lesson. That was really good content and had some helpful test-taking tips in it.
CV: What was your favorite class experience or moment?
BC: I didn’t fully understand the technical details of covert channels. So I asked a few questions in class about them, and Troy [Ben’s instructor] suggested that I do some research outside of class, and then present what I learned to the class. So that was a great exercise and a smart move on Troy’s part.
CV: See one, do one, teach one?
BC: Right. If you can present it, then you sufficiently understand it.
CV: What’s your favorite domain?
BC: The one surrounding secure coding. I have a programming background so Domain 8 is close to my heart.
CV: Aside from studying Domain 8, what do you like to do for fun?
BC: Well I have a three-year-old. So my life is all fun. According to her, all we do is have fun. I also do Capoeira, it’s a Brazilian dancing martial arts thing. That’s a lot of fun.
Do You Want to Pass?
Just like Ben, we want to motivate people to take and pass the CISSP exam. At CyberVista we have two goals: Help you learn the material so you can pass the exam, and help you retain the information so you can apply what you learn for the long term. Learn more about CyberVista’s CISSP Training Course here.