Certifications have been an important part of my cybersecurity journey. Here’s where I’m at.
CISSP — Certified Information Systems Security Professional
AchievedThe CISSP from ISC2 covers eight domains of information security, from security and risk management through to software development security. It was a challenging exam that pushed me to think broadly about security rather than focusing on any single technical area.
I wrote about my study approach and exam experience in my CISSP journey post.
CCSP — Certified Cloud Security Professional
The CCSP builds on the CISSP foundation with a deep focus on cloud security architecture, design, operations, and compliance. As organisations continue to move workloads to the cloud, understanding how to secure these environments properly feels increasingly essential.
I'm currently working through the official study guide and supplementing with hands-on cloud lab work.
Study Resources I'd Recommend
- ISC2 Official Study Guides — Dense but comprehensive. I used these as my primary reference for both the CISSP and CCSP.
- Destination Certification MindMap videos — Rob Witcher's YouTube series is brilliant for visual learners. He maps out each domain clearly and concisely.
- Boson Practice Exams — The closest I found to the real exam experience. The explanations for wrong answers are just as valuable as the questions themselves.
- Luke Ahmed's "How to Think Like a Manager" — Essential reading for the CISSP. It shifted my approach to the exam questions entirely.
- r/cissp and r/ccsp — The Reddit communities are genuinely supportive. Reading other people's exam experiences helped me know what to expect.