Certification and Training Plans for 2025

The main certification I want to complete for early 2025 is my CISSP after having already obtained my CSSLP certification in 2024. Hopefully, these weekly blog posts will help keep me on track and making forward progress towards that goal. I’ve already picked up my copy of Destination CISSP.

Additionally, I purchased the Practical Malware Analysis & Triage course/exam from TCM Security. As a developer, I have an interest in exploring malware and reverse engineering. I’m hoping this course will help me tickle that itch. I intend to attack this after finishing my CISSP.

Since last year, I’ve been attending some great incident response trainings offered by CISA as part of their Cyber Range Trainings. Provides instructor led hands-on labs in virtual environments to practice and learn new skills. To date I’ve attended the following:

• Defending Internet Accessible Systems (IR204)
• Using the CISA Incident Response Playbook at your Organization (IR211)
• Initial Triage and Data Collection (IR215)
• Incident Response Series Lab Class: Data Analysis (IR216)
• Incident Response Triage Series Lab Class: Cyber Threat Intelligence Development (IR217)
• Integrating Cyber Threat Intelligence Cyber Range (IR219)

I’m currently registered for:

• Preventing DNS Infrastructure Tampering (IR206)
• Defend Against Ransomware Attacks Cyber Range Training (IR209)

I would love to take some SANS classes; but the cost is prohibitive and not something that my work will cover. The work study program they offer is interesting and something I might explore. If anyone has participated in it, some shared insight into the experience would be appreciated.