Now that I’m a CISSP, I’m required to perform continuing education during a 3-year certification cycle to become recertified. The term “CPE” is an acronym for “Continuing Professional Education” points. I’ve to earn 120 CPE credits.
I read on this page that Pod Casts (notice the spelling) are mentioned as an activity that earn CPE credits. I checked with ISC² to see if listening to security podcasts like “The Security Catalist” is a valid CPE activity. And they confirmed that it is a valid CPE activity.
I gave them “The Security Catalist” as an example because “Santa“, the host, is a CISSP Lead Instructor and I exchanged some e-mails with him about this. He has also mentioned in his last podcast that listening to his podcast earns CPE credits.
I listen to a lot of podcasts, many of them are IT security related:
- The Silver Bullet Security Podcast
- CyberSpeak Podcast
- PaulDotCom Security Weekly
- SploitCast
- A Day in the Life of an Information Security Investigator
- Security Now!
- Binary Revolution Radio
- The Security Catalist
I started submitting CPE credits for every hour I listen to security podcasts: I have a spreadsheet were I keep a list of every episode I listened to, with the duration of the podcast (I selected three podcasts I listen to, I don’t want to do this administration for all the podcasts). And then every few months, I submit CPEs equal to the total number of hours per podcast. I don’t submit individual episodes, because some of them are less than 1 hour.
And I also keep the actual mp3 file, because in case of an ISC² audit, I have to provide proof that I listened to the podcasts. I decided to keep the mp3 file, because I read that for books you read and submit as CPE credits, one of the accepted proofs in case of an audit is keeping the book you read and show that you have it.
Didier Stevens 
That’s actually really cool. Since I plan to get my CISSP sooner than later (read: this year), it is good to know I can use pod casts for some of my CPEs!
Comment by LonerVamp — Monday 22 January 2007 @ 15:49
Success with your study LonerVamp, I plan to blog about how I prepared for the exam and on my exam-taking strategy.
Comment by Didier Stevens — Monday 22 January 2007 @ 19:25
[…] https://didierstevens.wordpress.com/2007/01/22/listening-to-security-podcasts-earns-isc%c2%b2-cpe-cre… […]
Pingback by The Security Catalyst » Blog Archive » Listen to the Security Catalyst and Earn CPE Credits! — Wednesday 31 January 2007 @ 14:13
This is very cool! Now only can I get credits for having a podcast, but also for listening to on! Awesome!
Add us to your list of security podcasts as well… Evey host of the podcast is a CISSP! http://secthis.com
Comment by Gene Naftulyev, CISSP — Wednesday 31 January 2007 @ 20:16
I’m a UK based CISSP and listen to a lot of security pods, and I’m even toying around with producing my own as well. These podcasts are a great “heads-up” and learning tool for me, and it pleases me no end that ISC2 are allowing podcast listening as CPE credits, which does make perfect sense.
However I must admit although I have seen the official ISC2 email here, I am a little concerned that during the ISC2 online CPE submission process, there isn’t a proper section for submitting podcast CPEs. I hope ISC2 sort that out, as I don’t want to feel like I’m putting a majority of my eggs (CPEs) in one basket come the end of my 3 year cycle.
Keep up the good work.
PS I’m on linkedin, if anyone wants to send me an invite.
Comment by Dave Whitelegg CISSP — Thursday 22 February 2007 @ 13:59
[…] Almost six years ago I blogged about submitting (ISC)² CPE points for listening to IT security podcasts. […]
Pingback by PaulDotCom Security Weekly And The (ISC)² Audit « Didier Stevens — Wednesday 12 December 2012 @ 16:24
Is this still true in 2021
Comment by Lisa Lombard — Monday 25 October 2021 @ 17:22
Yes
Comment by Didier Stevens — Monday 25 October 2021 @ 17:31