Security Basics mailing list archives
RE: RE: Value of certifications
From: "David Harley" <david.a.harley () gmail com>
Date: Tue, 1 May 2007 01:26:21 +0100
Certification's * show a baseline of knowledge in the subject area and career drive
True. How useful the baseline -is- depends on the cert.
* are helpful in getting interviews
Sometimes true.
* you do learn alot in preparation of most exams.
Depends on the cert and the individual. Can be true, certainly.
* they are not useless or a waste of time and are helpful in career advancement (same as a degree)
The main purpose of most qualifications is to prove something to employers... The trick is to have an idea of what the qualification -really- tells you. Prospective employers don't necessarily have that idea.
* a cert. does not make you an expert or even mean you can apply infosec in the real world environments
Indeed (though to some extent, that depends on the cert). On the other hand, having a cert doesn't prove you -don't- know anything, as some posts in this thread come close to suggesting. Actually, working in the field for 20 years (see sig) doesn't prove you know anything either. ;-)
* some people with high level certs have no true understanding of infosec in practical terms
As also pointed out by others, you need experience as well as an adequate exam score to get some certs. But some people learn more than others from experience. Let's get really obvious. There are all kinds of practitioners: some manage people better than systems, and vice versa. Some need to be more hands-on than others. Good managers are not always hands-on, and some hands-on people should have their hands tied behind their backs. Some are idiots, some are certified idiots, some are not at all idiotic, some unqualified non-idiots have enough common sense to put them a mile ahead of a certified idiot. A cert is an indicator, not proof (either way.) If you judge people purely by the letters after their name, or the absence thereof, you risk severe disappointment, or missing a gem. Many admirable qualifications don't append any letters... -- David Harley CISSP (plus around 20 years on-the-job experience...) Security Author/Editor/Consultant/Researcher Small Blue-Green World AVIEN Guide to Malware: http://www.smallblue-greenworld.co.uk/pages/avienguide.html Security Bibliography: http://www.smallblue-greenworld.co.uk/pages/bibliography.html
Current thread:
- RE: RE: Value of certifications David Harley (May 01)
- <Possible follow-ups>
- Re: RE: RE: Value of certifications nomail (May 01)
- RE: Value of certifications Simmons, James (May 01)
- RE: RE: Value of certifications David Harley (May 02)
- RE: Value of certifications Jones, David H (May 02)
- Re: Value of certifications Hari Sekhon (May 16)
- RE: Value of certifications Devin Rambo (May 16)
- RE: Value of certifications Simmons, James (May 16)
- Message not available
- Fwd: Value of certifications kevin fielder (May 17)
- RE: Value of certifications David Harley (May 17)
- RE: Value of certifications Craig Wright (May 17)
- RE: Value of certifications Erin Carroll (May 18)