Last month we began a series here on the (ISC)² blog – CCSP Spotlight. Over the next several months, we will share some of our members’ stories with you.
Name: Diane Perry
Title: Information Security Manager
Employer: EMC/Virustream
Degree: B.A., M.S.I.A. (in process)
Years in IT: 20
Years in cybersecurity: 16
Cybersecurity certifications: CCSP, CISSP-ISSMP, CSSLP
How did you decide upon a career in cybersecurity?
My cybersecurity career found me. I had an amazing manager and mentor at Ford Motor Company who recognized my passion for security. This was at a time when IT managers still had security listed as "something else they did," but just before many companies broke security into a separate business unit. It was the perfect time to transition. Due to the size and maturity of FMC, I was able to experience exactly what best practices looked like in the real world early on in my career.
Why did you get your CCSP®?
I was loaned to another group within my organization to assist with security requirement gathering and gap analysis for a large financial client in Europe. As my first cloud-specific assignment, I quickly learned that there were significant differences from traditional security implementations and felt that my knowledge was lacking. Within six months of returning from that engagement, I obtained my CCSP.
What is a typical day like for you?
I don't think I have ever had a "typical" day during my entire career. It is the constant need to adapt and think on my feet that keeps me so engaged. Regardless of how boring it may seem to C-level executives, security is anything but dull. No other group touches everyone within a company quite like security. On any given day, I could discuss business continuity planning, vulnerability assessments, forensics, phishing emails, and physical controls all before lunchtime.
Can you tell us about a personal career highlight?
While working for the U.S. Army, I was a representative for the Transglobal Secure Collaboration Program, and was afforded the opportunity to present a white paper to the first White House Cybersecurity Czar, Howard Schmidt. I received a tour of the Secret Service headquarters and got to see the President's limo as an added bonus.
How has the CCSP certification helped you in your career?
To thrive and survive in the security field, you must be a lifelong learner. In a constantly evolving line of work, it is vital that practitioners remain current and competitive. The CCSP is a generalist certification that covers a great deal of information, and is a useful add-on to the CISSP® existing body of knowledge. For those new to security, my recommendation would be to obtain the CISSP first.
What is the most useful advice you have for other cloud security professionals?
The CBK® book for the CCSP exam is an excellent reference on its own. Even if your company has no plans to move into the cloud now, they will move eventually. You will best serve yourself by having this information well in advance of that decision.
Anything else you would like to tell us?
If you’re not already one, then become a cybersecurity evangelist. There is a desperate need for more cyber experts across all industries. Talk at high schools and colleges in your area, attend conferences as a speaker, get the word out that ours is an exciting, challenging and diverse field filled with brilliant, talented and passionate people.
For more information about the Certified Cloud Security Professional certification, visit https://www.isc2.org/ccsp.