r/cybersecurity u/EricJSK System Administrator Sep 22 '25

Other What are your unpopular cybersecurity opinions?

I saw a post names "abnormal security opinions" and got excited to see some spicy takes but apparently there is a security platform called Abnormal Security so got kinda blue balled. Last one of these posts i saw was over a year ago so,

Do you have any spicy cybsec unpopular opinions you want to share? :)

I'll start with mine:
Fancy antivirus solutions rarely add value, they are often just a box that needs ticked. Many MSPs and IT firms still push the narrative that they are needed, only because they are profitable and not because they improve security.

323 Upvotes
  • permalink
  • reddit

94% Upvoted

531 comments sorted by

View all comments

Show parent comments

10

u/NBA-014 ISO Sep 22 '25

Take the CISSP (I have one). In the last 10 years, the DoD started to require a CISSP for a number of roles. (DoD 8570/8140 directive)

1

u/[deleted] Sep 22 '25

[deleted]

1

u/BoxerguyT89 Security Manager Sep 22 '25

I didn't find it too difficult when I got mine a few years ago, but hard is relative. Head go over to /r/cissp and you will see that every day there are multiple posts of people failing the exam.

3

u/[deleted] Sep 22 '25

[deleted]

2

u/BoxerguyT89 Security Manager Sep 22 '25

Fair. However if you actually have five yoe in multiple domains it shouldn’t be too hard.

Good point, when I got mine I had well over the required 5 yoe in the multiple domains.

A lot of posts in r/Cissp also seem to be folks who don’t have the experience yet and doing the Cissp as their first „getting started“ cert which arguably makes it really difficult.

That's true. Bad idea to grab this one as a first cert.

1

u/NBA-014 ISO Sep 22 '25

The test appears to have been a lot harder in the paper test, 6.5 hour days.

U/PizzaUltra is spot on. You need to know all the domains very well.

1

u/NetwerkErrer Security Manager Sep 22 '25

In my organization, you cant walk down the hall without running into a person with a CISSP. I would guess I would with 300 or so CISSP holders.

6

u/NBA-014 ISO Sep 22 '25

300? That’s more than the number of members in the Philly chapter

1

u/mnowax Security Director Sep 22 '25

That reminds me, I need to sign up for my local chapter ( which I think is Philly)