We checked with independent security expert Brien Posey, MCSE, and here’s his answer:
“I would recommend starting by getting a CISSP certification. The classes can be expensive, but there are plenty of books that can prepare you for the exam without you ever having to set foot in a classroom.”
Interested in more from Brien Posey? Read his latest SearchCIO-Midmarket tip, <a href=”http://searchcio-midmarket.techtarget.com/tip/0,289483,sid183_gci1333243,00.html”>Unified communications: Securing access to OCS</a>.
The CISSP is not a starting point — it requires 5 cumulative years experience in at least 2 of the 10 domains.
SANS GIAC / CompTIA Security+ are better suited as starting points.