Re: Security Expert Certificates

[Rodney Thayer <rodney () canola-jones com>]

At 04:25 PM 3/26/2004 +0100, jan.muenther () nruns com wrote:

> Having a cert like the CISSP doesn't hurt you personally 

I think that in some cases it DOES hurt you.  It says "you
are capable of passing through a mindless selection filter inside
a large organization".  Given no other data than "some security
person with a CISSP", I think that a lot of folks assume "hmmm,
no clue, patience to take the test, way too mellow because they
were able to wrap their brains around the test instead of the
way things really are".  Now I know people who have CISSP's,
and some of them are really good,
but most of the good ones have some other redeeming attribute.
The certification never adds to their rep.

I understand that large organizations use the acronyms as a job
selection filter.  I can imagine that's logical in some situations.
Given a choice between some punk who has Fry's listed on their resume
and claims to know Perl, and some kid in a new suit with a CISSP,
I'd think about hiring the CISSP, sure.

My advice would be to not try to wave it around as street cred ;-)

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave