Name: Yong Shi
Employer: Shanghai JiaoTong University
Location: Shanghai, China
Years in IT: 13 years
Years in cybersecurity: 13 years
Cybersecurity certifications: CISSP, CISA, ISO27001LA, Cobit Foundation, ITIL V3 Foundation
How did you decide upon a career in cybersecurity?
I studied information security during my undergraduate degree at Shanghai JiaoTong University. After graduating, I stayed to teach cybersecurity. The field of cybersecurity is enigmatic and it is a knowledge difficult to be fathomed, so I believe that is why some young people are interested in it. When I was still pursuing my studies, I volunteered as a network administrator and often helped solve network problems, mostly arising from security issues, for my schoolmates. The massive weakness in hardware and system protection made me think that there was still a lot to be done. That is why I was determined to develop my career in cybersecurity.
Why did you get your CISSP®?
In 2004, I learned about the CISSP from one of my friends. He told me that there was an internationally recognized certification which can help us learn an entire body of knowledge of cybersecurity, and earn acceptance from the industry peers. Therefore, I decided to get the CISSP to help my career development and show my dedication to the industry.
What is a typical day like for you?
I am heavily involved in research about cybersecurity topics. I usually discuss with students cybersecurity issues and analyze the security tools or malicious files in the laboratory in the morning. In the afternoon, I talk with various enterprises about security incidents and evaluation on cybersecurity products. I usually work on my dissertation and read the latest security journals in the evening.
Can you tell us about a personal career highlight?
As an invited teacher by many cybersecurity institutions in the eastern part of China, I have established a network of contacts in the CISSP community. In 2014, I was honored to found the first (ISC)² Chapter in China – (ISC)² Shanghai Chapter.
How has the CISSP certification helped you in your career?
The CISSP certification not only provides me with a perspective to better understand cybersecurity in a systematic way, but also a more thorough view of resolving cybersecurity issues. As a credential holder and an (ISC)² authorized instructor, I am able to train candidates in a more systematic and comprehensive way with relevant real life security experience. The certification has opened a window for me to meet with more experts from the cybersecurity industry, as we work together to enhance the communications and exchanges.
What is the most useful advice you have for other cybersecurity professionals?
Cybersecurity is an emerging industry, especially in the current era of rapid development of global network, there are many opportunities and challenges in this area. This is an industry which is suitable for young people to explore and grow. I personally welcome any young entrants to join the (ISC)² family and work together for a better and safer future.
Interested in becoming a CISSP? Find out how to certify.