Crazy idea - honest opinions please

jonwinterburnjonwinterburn Senior MemberPosts: 161Member ■■■■□□□□□□
Hi all,

As the proud holder of CISSP (recently endorsed) and SSCP, and over 15 years of IT and InfoSec experience, I'm at the point in life where I don't know what to do. Do I progress from InfoSec analyst into security management? Or perhaps continue down the technical route? Maybe GRC is the right path? I really have no idea which path to follow. I'm approaching 40, so perhaps this is the start of my mid-life crisis.

A lifelong dream for me is to write a book. I'm under no illusions; I'm not JK Rowling. Having said that, years of experience of writing technical guides and **** sheets for users has made it clear to me that I can write for people when I put my mind to it.

With the sad passing of Shon Harris, I see an opening in the market for a fresh view on the CISSP Study Guide. Sure, there's a few others out there, but none of them covered everything you need to know the way Shon's books did.

What do you think? Does the community need a new CISSP study guide? Or is there another InfoSec exam/speciality that you feel lacks representation in the market? Has anyone else here seriously considered doing something similar?

Thanks!

Jon

Comments

  • ItrimbleItrimble Posts: 221Member
    I'm always encouraged when I see a new opportunity. If you have found one, I say take it. You'll be kicking yourself if you never tried.
    Goals for 2015 : Finish BS Network Administration at WGU
    Become CCNA, CISSP, CEH, VCP5-10 Certified
    Possible Start Masters in Information Security
  • E Double UE Double U ■■■■■■■■□□ Posts: 1,552Member ■■■■■■■■□□
    I'm approaching 40, so perhaps this is the start of my mid-life crisis.

    This is very likely, but you should always give your crazy ideas a try :)

    P.S. People usually regret taking my advice icon_wink.gif
    Alphabet soup: CISSP, CCSP, CISM, CISA, GPEN, GCIA, GCIH, GCCC, CEH, etc

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • tiagotavarestiagotavares ■□□□□□□□□□ Posts: 18Member ■□□□□□□□□□
    Yeah, this is a crazy idea. But genius buddies were considered crazy or idiots before they have success.
  • tiagotavarestiagotavares ■□□□□□□□□□ Posts: 18Member ■□□□□□□□□□
    Why dont you start to write a blog just for test?
  • kalkan999kalkan999 ■■■■□□□□□□ Posts: 269Member ■■■■□□□□□□
    I am writing a book. I can even get you in touch with a solid publisher.
  • E Double UE Double U ■■■■■■■■□□ Posts: 1,552Member ■■■■■■■■□□
    kalkan999 wrote: »
    I am writing a book.

    Get Your CISSP At All Costs - Don't Listen To Beads icon_smile.gif
    Alphabet soup: CISSP, CCSP, CISM, CISA, GPEN, GCIA, GCIH, GCCC, CEH, etc

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • jonwinterburnjonwinterburn Senior Member Posts: 161Member ■■■■□□□□□□
    kalkan999 wrote: »
    I am writing a book. I can even get you in touch with a solid publisher.
    Interesting. Are you writing a CISSP book? Or a different subject?
  • beadsbeads ■■■■■■■■□□ Posts: 1,442Member ■■■■■■■■□□
    Please report to the short bus for transport to your new living facility.
    E Double U wrote: »
    Get Your CISSP At All Costs - Don't Listen To Beads icon_smile.gif

    "As the proud holder of CISSP (recently endorsed) and SSCP, and over 15 years of IT and InfoSec experience, I'm at the point in life where I don't know what to do. Do I progress from InfoSec analyst into security management? Or perhaps continue down the technical route? Maybe GRC is the right path? I really have no idea which path to follow. I'm approaching 40, so perhaps this is the start of my mid-life crisis."

    The gentleman has stated he's been endorsed. How dense are you? Wait! I get it.

    We may disagree on opinions or even beliefs, that's fine but lets try to keep the protracted insults to a minimum - shall we? I think we can agree to disagree on another thread and keep it there.

    (*Off to the store to stock up on CISSP llort biscuits*)

    See you under the bridge.

    @jonwinterburn;

    Not a crazy idea. Start with a blog and write a peer reviewed white paper. SANS reading room has plenty of material to peruse as well. If you have something really interesting I'd suggest a presentation at a conference. You want to see how your message is received? Presenting at a conference will tell you how much stomach you really have for rejection or adulation, cause your peers are going to tell you to your face.

    Congratulations on the SSCP an CISSP, by the way.
  • kalkan999kalkan999 ■■■■□□□□□□ Posts: 269Member ■■■■□□□□□□
    Information Security book. Choosing a subject that is technical, but I am also going down the road as a 'story teller.' I figured since I am a pretty positive and motivational person who actively volunteered his time with the CyberPatriot program (Google it), and formerly taught and inspired a lot of very disheartened and permanently injured 'Wounded Warriors' through the project of the same name (not actively doing it this year as I haven't the grant money from WWP), why not write a book that people who are aspiring Information Security technicians, analysts, consultants and managers, etc., might actually enjoy reading, while also learning a lot at the same time.
    While I won't give the subject away, it does have a lot to do with where CISSP, CISM, CISA, and the plethora of SANS courses fit in as History lessons, how they fit presently, and how they can help one further down the road via continuing education paths as well as my 'take' on InfoSec and the future.

    Kalkan
  • f0rgiv3nf0rgiv3n ■■■■□□□□□□ Posts: 594Member ■■■■□□□□□□
    Do it. Take the chance you have and go all in on writing that book. Enjoy the process, soak in every experience as you go through all the steps. Make sure you force yourself to enjoy it otherwise you won't finish it nor will you want to do it again :). I absolutely agree that there is a need for more options for CISSP materials. The staple book that Shon had written was a very good book but difficult to go through as we all know due to the level
    of detail in there.

    There are lots of publishing options, you can either go the traditional route with contacting a real publisher or even just self-publish through a number of services.

    I'll buy it!!
  • E Double UE Double U ■■■■■■■■□□ Posts: 1,552Member ■■■■■■■■□□
    beads wrote: »
    Please report to the short bus for transport to your new living facility.

    The gentleman has stated he's been endorsed. How dense are you? Wait! I get it.

    Tranquilo, I was cracking a joke on kalkan which is why I quoted him lol. Don't take yourself too seriously icon_wink.gif
    Alphabet soup: CISSP, CCSP, CISM, CISA, GPEN, GCIA, GCIH, GCCC, CEH, etc

    "You tried your best and you failed miserably. The lesson is, never try." - Homer Simpson
  • beadsbeads ■■■■■■■■□□ Posts: 1,442Member ■■■■■■■■□□
    E Double U;

    I should get you in touch with my Inbox on this board. Seems your the only one with a sense of humor.
  • jonwinterburnjonwinterburn Senior Member Posts: 161Member ■■■■□□□□□□
    Thank you all for your comments and suggestions. This forum is amazing, I've never known another like it. I'm proud to be a part of this community, which is quick to respond and provide advice, but slow to criticise. Thanks!
  • GForce75GForce75 Posts: 222Member
    Good stuff Jon! It's amazing where life will take you. Best of luck in whatever path you take!
    Doctoral Candidate - BA (33/60hrs) ~ MBA/Project Management ~ BA/Business-IT
  • dustervoicedustervoice ■■■■□□□□□□ Posts: 877Member ■■■■□□□□□□
  • jonwinterburnjonwinterburn Senior Member Posts: 161Member ■■■■□□□□□□
    I had a thought a couple days ago: why don't I start by writing an eBook guide to scoring your first InfoSec job, based upon my own experience? How to write your CV/resume, prepare for interviews, what certs are best for which roles, things you absolutely must know and so on. If that's well received, then I can expand upon it and write the CISSP study guide.

    So I made a start on building the framework for the book. Today I had a look on Amazon to see if there's anything similar out there - there wasn't last time I looked (about a year ago). Alas, 3 days ago I was beaten to it! There's a dummies guide just out: http://www.amazon.co.uk/Getting-Information-Security-Job-Dummies/dp/1119002818/

    Damn! Should I bother trying to compete with such a big brand? The only difference between my idea and this Dummies guide, is that I was planning on making the book free on Kindle and all open ePub formats. I figure it's a chance to give back to the community, gives me a ton of CPEs and also gets my name out there.

    What do you think? Worth pursuing?

    Thanks!

    Jon
  • philz1982philz1982 Posts: 978Member
    How about this? What if you did a blog book. Meaning you posted each chapter to your blog and you built up a following then you consolidate the book and keep it up to date with versioning.

    Your blog readers are involved with you writing it and its a proven fact that people like what they help create.
  • jonwinterburnjonwinterburn Senior Member Posts: 161Member ■■■■□□□□□□
    philz1982 wrote: »
    How about this? What if you did a blog book. Meaning you posted each chapter to your blog and you built up a following then you consolidate the book and keep it up to date with versioning.

    Your blog readers are involved with you writing it and its a proven fact that people like what they help create.

    I did consider doing a blog. But everyone is blogging these days and driving readers to your blog is no mean feat.

    Edit: I misunderstood your suggestion. A blog book, rather than a blog sounds like a good idea. Thanks!
  • aftereffectoraftereffector Posts: 525Member
    Go for it! If you need a copyeditor or proofreader, let me know.
    CCIE Security - this one might take a while...
  • f0rgiv3nf0rgiv3n ■■■■□□□□□□ Posts: 594Member ■■■■□□□□□□
    Ignore the dummies book. No offense to the branding or those who right it but I would never use a dummies book for studying for a cert. I always see their books as a "beginners" guide, an introduction so to speak. Keep going at it, ignore that book!
  • TheFORCETheFORCE Senior Member Posts: 2,297Member ■■■■■■■■□□
    When I read the AIO Shon Harris book, in the introduction or preface or somewhere around there, she said that back when she took her CISSP even though she passed she felt like she was not worth it because of all the information that was missing. From her point of view she felt that she needed a borader knowledge. That's why she wrote the AIO books, to include ALL information related to security. My opinion, having read the book cover to cover I can tell you she was probably right, her book can be used for other certs too as a supplemental material not just for CISSP. So with that said, yes, there is a void, go for it, write and revise and do your best. You never know, you might be the next Shon Harris.
  • jonwinterburnjonwinterburn Senior Member Posts: 161Member ■■■■□□□□□□
    Thanks again for all your supportive comments! I've made a start on it and will let you know when the first chapter is on my blog. It'll be a long hard slog, but I think it'll be worth it.
Sign In or Register to comment.