Welcome back to CyberVista’s Student Spotlight series. In this series we talk to newly-minted CISSPs who used the CyberVista system to earn their cert.
Student Spotlight: Gary Brown, CISSP
This episode we talked with Gary Brown, who has over a decade of experience in the cybersecurity field, and currently works for a major telecommunications company. The following interview has been edited for clarity and brevity.
CyberVista: What first interested you about cyber as a career path?
Gary: I was assigned to an information security position by the Air Force about 12 years ago. I’ve been an information warfare aggressor; I’ve been a cyber tactics officer; I’ve participated in vulnerability assessments. But I’ve always been interested in technology and security. I also grew up in a bad neighborhood (laughs), so I was constantly thinking about risk.
CV: Right now, what is the most interesting part of the security field to you?
G: Information security is more important now than ever. When you combine artificial intelligence and the Internet of Things (IoT), those two things alone are enough to make the field explode. There’s a demand for automation, but no clear way to prevent bad people from causing a lot of damage. One example is self-driving cars: If someone could gain control of a self-driving car, they could intentionally shut down an interstate, hurt people, and cause public safety problems.
CV: Why did you decide to start studying for the CISSP certification?
G: My goal was not to get the certification for the certifications sake, but to build and retain my subject matter expertise.
CV: How did you choose CyberVista?
G: The CyberVista course is more of a system than a boot camp, providing you with multiple different tools to ensure your success. I’ve done several 1-week boot camps, and don’t feel they optimized my time. It’s not effective for me to sit through a class and try to cram all the information in at once, especially when I’m tired. I chose the CyberVista course because I felt like I would retain the information better in the long term if I studied it over a longer period of time and at times of my choosing.
CV: Which of the CyberVista resources did you find to be the most helpful while you were studying?
G: Probably the question bank. My approach was to get that base level of knowledge conceptually, then memorize the information that didn’t stick with me from my conceptual studying. Learning how to understand and answer the question you’re being asked is critical, so I challenged myself with a lot of questions and paid careful attention to explanations on the questions I got wrong. On exam day, even though I hadn’t seen any of the questions before, I still felt like I knew how to answer at least 220 [out of 250] straight up.
CV: What strategy was most helpful for you leading up to test day?
G: Information security is a system of complex systems. The purpose of the CISSP certification is to demonstrate that you have an understanding of that system of systems and how it works. Therefore, the key to success with the CISSP is to develop a holistic, flexible, conceptual understanding of how the information security system of systems works. First, I wanted to understand the concepts, then I tried to understand how the concepts work together, and then I finally turned to memorization for the things I still didn’t know. Rote memorization will help you remember the individual parts of the system, but you need a lot more than that to understand how the system works overall.
CV: Outside of cybersecurity and studying for certifications, what do you like to do for fun?
G: Hiking is probably my biggest hobby, with some history of mountain climbing. I live near Seattle, so I’m close to the mountains where all the best hiking is. The only downside is that it’s been raining so much this year – It’s terrible!
Do You Want to Pass?
Just like Gary, we want to motivate people to take and pass the CISSP exam. At CyberVista we have two goals: Help you learn the material so you can pass the exam, and help you retain the information so you can apply what you learn for the long term. Learn more about CyberVista’s CISSP Training Course here.