Security Basics mailing list archives
RE: Value of certifications
From: "Craig Wright" <Craig.Wright () bdo com au>
Date: Thu, 26 Apr 2007 09:38:50 +1000
Hello James, I have to agree at some level, but I can not completely agree with your assertions on your blog. You state: "They do not offer research, or any sort of consulting service, or anything more then certifications at a bloated price. Their business model is supply and demand. Their prime concern is money, not quality assurance or education. They charge high prices because everyone else will pay them. It is the difference between $57 and thousands of dollars for a single certification. " In some cases as you mention - this is true. However, CISA and CISM for instance from ISACA do not follow this model. ISACA does research and has issued one of the most highly used audit models - CoBIT. The capitalist market system is supply and demand. It may be impersional and have its faults, but it works better than the existing alternatives. Greed is too simple. There is a market and people willing to pay. Thus there are people willing to take money to offer this service. ISC2 as another example does offer quality assurance, but the level of what they offer is the issue. Many put more faith in it than is valid. As for the car issue, there are more people doing this. This is supply and demand at work. The IT security field has a greater demand than the mechanic. Try a comparision with a specialist plumber. This is closer to the model in economic terms. Regards, Craig Craig Wright Manager of Information Systems Direct +61 2 9286 5497 Craig.Wright () bdo com au +61 417 683 914 BDO Kendalls (NSW) Level 19, 2 Market Street Sydney NSW 2000 GPO Box 2551 Sydney NSW 2001 Fax +61 2 9993 9497 www.bdo.com.au Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. The information in this email and any attachments is confidential. If you are not the named addressee you must not read, print, copy, distribute, or use in any way this transmission or any information it contains. If you have received this message in error, please notify the sender by return email, destroy all copies and delete it from your system. Any views expressed in this message are those of the individual sender and not necessarily endorsed by BDO Kendalls. You may not rely on this message as advice unless subsequently confirmed by fax or letter signed by a Partner or Director of BDO Kendalls. It is your responsibility to scan this communication and any files attached for computer viruses and other defects. BDO Kendalls does not accept liability for any loss or damage however caused which may result from this communication or any files attached. A full version of the BDO Kendalls disclaimer, and our Privacy statement, can be found on the BDO Kendalls website at http://www.bdo.com.au or by emailing administrator () bdo com au. BDO Kendalls is a national association of separate partnerships and entities. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Simmons, James Sent: Thursday, 26 April 2007 8:12 AM To: security-basics () securityfocus com Subject: RE: Value of certifications I will have to disagree about the validity of certs. It is true that certs will get you the interview. But I find them only to be good if you want a basic level system admin job. Everyone is putting too much emphasis about certifications these days. Granted it is a way to determine that at some point an individual was able to remember (or at least guess) the right answers for a group of questions at some point in time, but that doesn't necessarily prove that someone is competent. http://san2600.org/index.php?name=Blogs&mode=display&id=10 I will have to refer you to my long rant about the subject, but ultimately my recommendation, work on a few projects in your spare time. Write some white papers, do some research and present your results a webpage. Actually do something that would impress employers. You can either try to prove that you know something, or you can do something that proves you know it. And if you are worried that you might get passed over from HR because you do not have a cert. Do you really want to work at a place that uses an algorithm that pre-screens for minimal requirements? Sounds like a place that is just looking for bodies to me. Simmons
Current thread:
- Re: RE: Value of certifications, (continued)
- Re: RE: Value of certifications Joey Boyer (Apr 25)
- Re: RE: Value of certifications andrews (Apr 26)
- Re: RE: Value of certifications Nathalie Vaiser, RFC, FMM (Apr 27)
- Re: RE: Value of certifications Yousef Syed (Apr 27)
- RE: RE: Value of certifications Simmons, James (Apr 27)
- Message not available
- Re: RE: Value of certifications Yousef Syed (Apr 27)
- RE: RE: Value of certifications Lim Ming Wei (Apr 27)
- Re: Re: RE: Value of certifications nate kelly (Apr 30)
- RE: Re: RE: Value of certifications Utz, Ralph (Apr 30)
- RE: RE: Value of certifications J.M. Seitz (Apr 30)