The benefits of Continuous Professional Development
07:40 Thursday, 22 July 2021
UK Cyber Security Council
Keeping a record of the Continuous Professional Development (CPD) we do can be a chore. It’s a necessary chore, though, as CPD is a key ingredient in maintaining the professional certifications that many of us hold. As the holder of the CISSP certification, for example, one has to undertake 120 units of CPD in every three-year cycle (a unit generally equates to spending an hour doing one of the accepted activities).
Why do many of us grumble so much when we have to fulfil our CPD requirements, though? Professional bodies’ CPD requirements don’t exist merely as a tick-box exercise that they introduced for fun; the activities that they accept as CPD material are all directly related to things you can do that make you a better person within the profession.
There are some CPD activities that are easy to motivate oneself to do. Training courses are the most prominent in this respect, because in addition to uploading (usually) several units to the CPD register, you’re gaining education that bolsters your CV and ultimately benefits your bank balance.
Other activities can seem mundane. Webinars – particularly during the Covid-19 pandemic – have shot up in number, and in some cases there has been a corresponding decline in quality and hence educational value. If one chooses carefully, though, there is a wealth of material out there that can enhance your cyber knowledge.
CPD also gives you the opportunity to try new things, such as public speaking. It’s something I do quite a lot of, and it’s a hugely rewarding thing to do. Looking at my current CISSP CPD log, I see talks that I’ve given on Incident Response, the effects of Covid-19 on Data Protection and Behavioural Cybersecurity. The last of these was a subject I was asked to speak on, and hence had to spend a fair amount of time researching; this meant that as well as the audience learning something (at least one hopes they did) it also gave me insight into something on which I wasn’t particularly well versed.
Finally, the need to do CPD can help give the impetus to go out and find new things to look at. As I’ve noted above, it can be easy to get into the mindset of “all these webinars are dull and pointless”, but if you take the time to look hard enough that’s simply not true. In the last couple of weeks I’ve taken part in webinars on CISO soft skills, shadow IT in the cloud and how to get the security message over to the Board, and each of them has been an hour well spent.
CPD, then, is not just a tick-box exercise when you’re renewing your professional subscription or certification; it really does continue your professional development. As the saying goes, it does what it says on the tin.