RE: Re: University Degree or CISSP

["Bob Hodges" <B_Hodges () cox net>]

It seems obvious to me that if you have a degree and or a certification, you
are for having them.  If you do not, then you are not impressed with them.

Degrees and certifications certainly do not measure your abilities no more
than a marriage license measures your fidelity, but it does show a level of
commitment.  

-Bob-
__________________________________________________
Robert W. (Bob) Hodges, BBA, CHS, CISSP, GSEC Gold, GSLC Gold
President
Information Security Training Institute, Inc.
_________________________________________________
 -----Original Message-----
From: Greg van der Gaast [mailto:gvandergaast () yahoo com] 
Sent: Thursday, January 26, 2006 9:58 AM
To: security-basics () securityfocus com
Subject: RE: Re: University Degree or CISSP

Flames in your face? Actually I couldn't agree more. 

I don't have a degree and the certifications I did get
I've never really leveraged. IMHO, what matters in
information security is getting the job done and
having the insight and ability to do so. Being able to
see trends and learn new things as they emerge is far
more important than any paper you can bring to the
table. And that includes the static knowledge base
associated with that paper. Heck, by the time
something is put into a curriculum and then taught
again it is over 2 years old. That's a lifetime in
this business.

It could even be argued that the static mentality and
unified method of thinking applied in university,
college, and many certification programs limits one's
thinking in ways that I consider crucial in the
InfoSec world. I won't make that argument myself as
it's very much up to the indivudial's mentality to
remain objective. Unfortunately plenty of people take
what they hear in school as law without question.

I know enough brilliant people in information security
that have gotten quite far without any paper. Granted
it is harder for these people to get their foot in the
door and to obtain that crucial initial recognition of
their skills. Then again the time lost trying to get
the initial work and the lower salaries they had to
contend with probably represent less time and money
than they would have sunk into a "classical" education
anyway.

My 2 cents.

Cheers,

Greg van der Gaast
Senior Consultant
CGI Group
CCE Montreal 

--- Toby Barrick <tbarrick () cox net> wrote:

> Ken,
>
> With you as a degree holder (I assume that you are)
> I'm sure that you 
> feel that way about a degree. The fact of the matter
> is that a degree is 
> a piece of paper, a mark on a stick as to what you
> have spent in dollars 
> and time. A CISSP is a mark on a stick as to what
> you know (memorized) 
> about security related issues (plus whatever money
> was spent). Neither 
> of which, in the real word is worth it's weight in
> paper.
>
> I know lots of folks that have PhD that are
> worthless. Yeah they bang 
> down the bucks due to the paper on the wall, but
> they are totally 
> clueless. I know mechanics that make more than I do
> investing in futures.
>
> I'm not a big fan of the guy but take Bill Gates for
> example. He does 
> not have a degree, he dropped out of college. I'd
> actually be surprised 
> if he even has any certifications.
>
> The bottom line counts in this world is vision,
> insight, intuition, hard 
> work, and a feel for situations that whisper "this
> is not right," I can 
> fix it - then acting on that thought.
>
> Ok - I'm sure the flames will fly in my face, but
> that is my opinion.
>
> Have a great day.
>
>
> Ken Kousky wrote:
>
> > This is the craziest conversation I ever heard of
> - there is NO comparison
> > between a REAL degree and CISSP. CISSP is great,
> valuable and vital but it
> > isn't in any way comparable. 
> >
> > Simply put, if you don't have a degree - get one
> and get the best one you
> > can.
> >
> > -----Original Message-----
> > From: Huang, John, GCM
> [mailto:John.Huang () rbsgc com] 
> > Sent: Monday, January 23, 2006 1:41 PM
> > To: security-basics () securityfocus com
> > Subject: RE: Re: University Degree or CISSP
> >
> > Degree or CISSP? It depends on where you are in
> life. A degree helps you
> > in the door and advancement into a management
> position usually require a
> > college degree. But if you're already in the field
> and don't have a
> > college degree, a CISSP cert is easier to obtain
> in a shorter amount of
> > time, and provide more immediate benefit since you
> can put the things
> > you learn into use.
> >
> > -----Original Message-----
> > From: shyaam () gmail com [mailto:shyaam () gmail com] 
> > Sent: Friday, January 20, 2006 10:25 PM
> > To: security-basics () securityfocus com
> > Subject: Re: Re: University Degree or CISSP
> >
> > Yes,
> > Very true. Nothing counts equivalent to
> experience, but experience comes
> > only when someone starts somewhere. I have seen
> one big thing happening
> > around. People in the industries shifted from
> technology to business,
> > that is the point when they lost the security and
> created more loopholes
> > in their own products as they reduced the time
> needed, reduced budgets
> > and spent more on advertisements and marketing. 
> > How does that reflect on people. They need people
> already with
> > experience. But how is that possible. Everybody
> needs to start
> > somewhere. So experience does count, but I would
> say some foundation,
> > some added qualification and some experience is
> good for a cool job. For
> > a startup job, some degree and some cert is
> essential.
> > PS: This is my opinion, I am not pointing out any
> company or any private
> > organization.
> >
> > -S-
------------------------------------------------------------------------
> > ---
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE
> - ONLINE The Norwich
> > University program offers unparalleled Infosec
> management education and
> > the case study affords you unmatched consulting
> experience. 
> > Tailor your education to your own professional
> goals with degree
> > customizations including Emergency Management,
> Business Continuity
> > Planning, Computer Emergency Response Teams, and
> Digital Investigations.
> > http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
> > -----------------------
********************************************************************
> > This e-mail is intended only for the addressee
> named above.
> > As this e-mail may contain confidential or
> privileged information,
> > if you are not the named addressee, you are not
> authorized
> > to retain, read, copy or disseminate this message
> or any part of it.
> >
********************************************************************
> >
---------------------------------------------------------------------------
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE
> - ONLINE
> > The Norwich University program offers unparalleled
> Infosec management 
> > education and the case study affords you unmatched
> consulting experience. 
> > Tailor your education to your own professional
> goals with degree 
> > customizations including Emergency Management,
> Business Continuity Planning,
> > Computer Emergency Response Teams, and Digital
> Investigations. 
> > http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
> >
---------------------------------------------------------------------------
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE
> - ONLINE
> > The Norwich University program offers unparalleled
> Infosec management 
> > education and the case study affords you unmatched
> consulting experience. 
> > Tailor your education to your own professional
> goals with degree 
> > customizations including Emergency Management,
> Business Continuity Planning, 
> > Computer Emergency Response Teams, and Digital
> Investigations. 
> > http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
> >
---------------------------------------------------------------------------
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE -
> ONLINE
> The Norwich University program offers unparalleled
> Infosec management 
> education and the case study affords you unmatched
> consulting experience. 
> Tailor your education to your own professional goals
> with degree 
> customizations including Emergency Management,
> Business Continuity Planning, 
> Computer Emergency Response Teams, and Digital
> Investigations. 
=== message truncated ===


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning,

Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006
 

-- 
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.375 / Virus Database: 267.14.23/243 - Release Date: 1/27/2006
 


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------