CISM Bootcamp from InfoSecInstitute

Spread the love

Spent last week in a virtual class going through the materials for the CISM exam. I had an interesting instructor Victor Marsh who was very knowledgeable on the subject. He provided a ton of material over and above what InfoSecInstitute sent me and I would say the class was fairly palatable.

The material for the CISM exam is what one would expect in that it was rather dry. Mostly I felt that the subject matter is more common sense, similar to ITIL however, what seemed odd to me is that the CISM is targeted towards the CISO level audience or at least that is what Victor believes (he is an ex-CISO).

The virtual classroom was good and I was surprised to see that Lync was being used for this. Lync did have issues with freezing and lockups for both student and instructor. 

Key things to remember from the course:

  1. It’s all about the business or the money.
  2. When in doubt do an assessment.
  3. Never trade critical business functions for security.
  4. Impact is the bottom line for business and risk.
  5. Top-down approach.

Next, stop Microsoft Ignite, OSCP and re-certifying my CCNP.

Written by


Technology, Science and Philosophy