Security Basics mailing list archives

RE: CISSP Question

From: "David Harley" <david.a.harley () gmail com>
Date: Wed, 16 May 2007 10:44:35 +0100

Well I don't know if we were heard on this mailing list but I 
jsut received a notification that starting October 1st the 
ISC" CISSP requirements will change!!
The new change looks to be a bit tougher then until now.
https://www.isc2.org/cgi-bin/content.cgi?category=1187


I doubt if the bigwigs at the top spend much time on this list, or respond
that quickly. :) The debate about how much CISSP is worth has raged for
years, and it's a perfect reasonable subject to discuss. 

(It's the ongoing more-than-hints of malpractice on the part of the
certifying organizations and the accusations that cert holders are ignoble
alphabet-soup-obsessed and more-qualified-than-thou that are yanking my
chain. I'm more than happy to discuss the issues in a spirit of debate, but
enough with the holy wars...)

I doubt if it will do much for the public image of the CISSP cert. The world
seems to be divided into those who think it's worth something, and those who
persist in equating the cert with the test. Increasing the experience
requirements will not convince those who don't want to be convinced: if they
don't think up to four years in the field is enough, extending it by a year
is not going to make much difference. 

Those who think cert holders are obsessed with keeping the market to
themselves will see something sinister in restricting endorsement to (ISC)2
cert holders. Not a view I hold, by the way: it makes sense that applicants
should be endorsed by people who have the baseline knowledge of the field
that the cert is intended to demonstrate.

Increasing the experience requirements may, however, see a bigger take-up of
qualifications that don't have an experience requirement. Nothing wrong with
that, but perhaps (ISC)2 could make more of their Associate status as a
selling point, for people who consider that the (ISC)2 approach is right for
them but don't have the experience yet. 

-- 
David Harley CISSP, Small Blue-Green World
Security Author/Editor/Consultant/Researcher
AVIEN Guide to Malware:
http://www.smallblue-greenworld.co.uk/pages/avienguide.html
Security Bibliography:
http://www.smallblue-greenworld.co.uk/pages/bibliography.html

Current thread:

RE: CISSP Question, (continued)
- - - RE: CISSP Question April Carson (May 10)
    - RE: CISSP Question Simmons, James (May 10)
    - RE: CISSP Question David Harley (May 11)
    - RE: CISSP Question Simmons, James (May 14)
    - RE: CISSP Question David Harley (May 14)
    - RE: CISSP Question Craig Wright (May 14)
    - RE: CISSP Question Simmons, James (May 15)
    - RE: CISSP Question David Harley (May 15)
    - RE: CISSP Question Simmons, James (May 15)
    - Re: CISSP Question Florian Rommel (May 15)
    - RE: CISSP Question David Harley (May 16)
    - RE: CISSP Question Ken Kousky (May 16)
    - RE: CISSP Question David Harley (May 16)
    - RE: CISSP Question Ken Kousky (May 16)
    - RE: CISSP Question David Harley (May 16)
    - Clarifications to the CISSP experiance requirement Craig Wright (May 16)
    - RE: CISSP Question Simmons, James (May 16)
  - RE: CISSP Question David Gillett (May 09)
  - RE: CISSP Question David Harley (May 09)
- RE: CISSP Question Craig Wright (May 09)
  - RE: CISSP Question Simmons, James (May 09)

(Thread continues...)