RE: RE: Value of certifications

["Jason P. Rusch" <saltynetguru () infosec-rusch com>]

OK this thread is being beat to death when it should be very simple and
short discussion, lets state the obvious and let this thread die.

Certification's

      * show a baseline of knowledge in the subject area and career
        drive
      * are helpful in getting interviews
      * you do learn alot in preparation of most exams.
      * they are not useless or a waste of time and are helpful in
        career advancement (same as a degree)
      * a cert. does not make you an expert or even mean you can apply
        infosec in the real world environments
      * some people with high level certs have no true understanding of
        infosec in practical terms

 
Done, did I leave anything out, 


-- 
Sincerely 

Jason P. Rusch, CISA/CISSP
Information Security Professional 
Wesley Chapel, FL 33543 
AOL IM: SaltyNetGuru
www.infosec-rusch.com


"There is no patch for stupidity"

The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of, or
taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is prohibited. If you
received this in error, please contact the sender and delete the
material from any computer.




On Mon, 2007-04-30 at 14:57 -0400, Buyer, David wrote:
> Why do I see most of the people complaining about certs the same ones
> who don't have them. If you have them then you know that they are only a
> baseline. You can assume that a person with some cert at least has a
> good knowledge of the test criteria and can complete something. That's
> all. It's the same with a college degree. It will only get you in the
> door. Back it up with valid experience and that's what most employers
> are looking for. The certs and degrees show that you can complete
> something and that you have the ambition to work on something.
>
>
>
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
> On Behalf Of Devin Rambo
> Sent: Monday, April 30, 2007 9:21 AM
> To: 'Nathalie Vaiser, RFC, FMM'; security-basics () securityfocus com
> Subject: RE: RE: Value of certifications
>
> > > > I don't have a bachelors degree. I see quite a few job offers that
> require one.  I only did one year of University (10 years ago) in
> Marketing.
> Would doing night classes in a University program (or online program)
> relating to IT be helpful?  I've seen some a degree 'Information Systems
> Security' that may be interesting. It would be expensive and take a long
> time to finish part-time.  I'm not sure if I'm better off with
> certifications or a bachelors degree  (academic and real-world is also
> very different I believe)
>
> I am working for a web hosting company right now as a Level I Systems
> Administrator, so my position is not really giving much security
> experience (only a little here and there as it pertains to some security
> issues or abuse issues.).  My employer will not pay for certifications,
> so I'm on my own there.<<<
>
> You're actually in pretty good shape without realizing it. The job
> you're in is a very good place from which to build your skills. In my
> experience, employers love it when their workers actively take steps to
> learn more. When I was learning SQL Server from a book and by setting a
> server up at my house to learn on, I told my boss at the time that I
> would love the opportunity to participate in any projects where I could
> get some real-world experience using the software. Two days later, he
> assigned me a project working on implementing the new help desk
> ticketing system that used an SQL back-end. I learned a lot from doing
> that, and my employer gained someone with some SQL skills without having
> to go out and hire a new DBA.
>
> So I would recommend doing a similar thing. Talk to your boss and tell
> them that you're really interested in learning more about InfoSec, and
> that you'd love the opportunity to work with your InfoSec team on any
> projects that they are working on. Any employer worth working for should
> recognize that this is a win-win. You get upgraded skills, and your
> employer gets an employee who is a more valuable asset to the company.
>
> There are lots of university programs worth looking into. It sounds like
> the 'Information Systems Security' program you've seen might be the one
> offered by ITT. As a graduate of ITT, I'd advise treading with great
> care. The money you'll pay to go to school there is IMHO far more than
> the value of the knowledge you'll attain - they basically treat
> everything as though it's a survey of the material in question, which
> isn't as in-depth an immersion into the material as you'll want for
> $30K. Studying security or any other IT-related discipline in a
> classroom has value, but not as much value as those skills you attain in
> the real world. The relativity of that depends on where you decide to
> study.
>
> My two cents. Hope that helps.
>
> Devin
>
>
>
>
> Kaleida Health's economic impact on Western NY exceeds $2.2 BILLION annually.
>
> Check us out at: www.WesternNYshospitalofchoice.org
>
> CONFIDENTIALITY NOTICE: 
> This email transmission and any documents, files, 
> or previous e-mail messages attached to it are 
> confidential and intended solely for the use of the 
> individual or entity to whom they are addressed. 
> If you are not the intended recipient, or a person 
> responsible for delivering it to the intended recipient, 
> you are hereby notified that any further review, 
> disclosure, copying, dissemination, distribution, or 
> use of any of the information contained in or attached 
> to this e-mail transmission is strictly prohibited. 
> If you have received this message in error, please 
> notify the sender immediately by e-mail, discard 
> any paper copies, and delete all electronic files 
> of the message. If you are unable to contact the 
> sender or you are not sure as to whether you 
> are the intended recipient, please e-mail 
> ISTSEC () KaleidaHealth org or call (716) 859-7777.