Security Basics mailing list archives
Re: Re: University Degree or CISSP
From: Harrison Holland <harrisonholland () gmail com>
Date: Sun, 29 Jan 2006 14:29:35 -0500
Hello, I've been following this thread for a while, and I finally decided to give my personal opinion. Whether or not you learn anything at a university that will actually help you in the job market, companies have way too many applicants and not enough jobs. In general they need some way to screen applicants and weed certain ones out. You can be the most talented security expert in the world, but many companies will throw out your resume if you don't have a degree from a standard university for the simple fact that there are 20 other people who have just as much experience as you and do have a degree. While the paper may mean nothing as far as your ability to perform a job, it does show that you know how to learn, are well rounded, organized, and able to perform on a deadline. The other benefit of a standard university is the fact that many of them will help you get internships with companies that you may not have been able to work for otherwise. If you do an internship while finishing up your degree, you will have real work experience and a peice of paper that tells recruiters that you can learn and perform. I don't think there is any replacement for a standard degree. CISSP's can supplement a degree, but not replace it. For anyone that has already gotten a degree from a university, getting a CISSP is a peice of cake. Hope I didn't step on anyone's toes, I just wanted to throw my opinion in here. Harrison On 1/26/06, Greg van der Gaast <gvandergaast () yahoo com> wrote:
Flames in your face? Actually I couldn't agree more. I don't have a degree and the certifications I did get I've never really leveraged. IMHO, what matters in information security is getting the job done and having the insight and ability to do so. Being able to see trends and learn new things as they emerge is far more important than any paper you can bring to the table. And that includes the static knowledge base associated with that paper. Heck, by the time something is put into a curriculum and then taught again it is over 2 years old. That's a lifetime in this business. It could even be argued that the static mentality and unified method of thinking applied in university, college, and many certification programs limits one's thinking in ways that I consider crucial in the InfoSec world. I won't make that argument myself as it's very much up to the indivudial's mentality to remain objective. Unfortunately plenty of people take what they hear in school as law without question. I know enough brilliant people in information security that have gotten quite far without any paper. Granted it is harder for these people to get their foot in the door and to obtain that crucial initial recognition of their skills. Then again the time lost trying to get the initial work and the lower salaries they had to contend with probably represent less time and money than they would have sunk into a "classical" education anyway. My 2 cents. Cheers, Greg van der Gaast Senior Consultant CGI Group CCE Montreal --- Toby Barrick <tbarrick () cox net> wrote:Ken, With you as a degree holder (I assume that you are) I'm sure that you feel that way about a degree. The fact of the matter is that a degree is a piece of paper, a mark on a stick as to what you have spent in dollars and time. A CISSP is a mark on a stick as to what you know (memorized) about security related issues (plus whatever money was spent). Neither of which, in the real word is worth it's weight in paper. I know lots of folks that have PhD that are worthless. Yeah they bang down the bucks due to the paper on the wall, but they are totally clueless. I know mechanics that make more than I do investing in futures. I'm not a big fan of the guy but take Bill Gates for example. He does not have a degree, he dropped out of college. I'd actually be surprised if he even has any certifications. The bottom line counts in this world is vision, insight, intuition, hard work, and a feel for situations that whisper "this is not right," I can fix it - then acting on that thought. Ok - I'm sure the flames will fly in my face, but that is my opinion. Have a great day. Ken Kousky wrote:This is the craziest conversation I ever heard of- there is NO comparisonbetween a REAL degree and CISSP. CISSP is great,valuable and vital but itisn't in any way comparable. Simply put, if you don't have a degree - get oneand get the best one youcan. -----Original Message----- From: Huang, John, GCM[mailto:John.Huang () rbsgc com]Sent: Monday, January 23, 2006 1:41 PM To: security-basics () securityfocus com Subject: RE: Re: University Degree or CISSP Degree or CISSP? It depends on where you are inlife. A degree helps youin the door and advancement into a managementposition usually require acollege degree. But if you're already in the fieldand don't have acollege degree, a CISSP cert is easier to obtainin a shorter amount oftime, and provide more immediate benefit since youcan put the thingsyou learn into use. -----Original Message----- From: shyaam () gmail com [mailto:shyaam () gmail com] Sent: Friday, January 20, 2006 10:25 PM To: security-basics () securityfocus com Subject: Re: Re: University Degree or CISSP Yes, Very true. Nothing counts equivalent toexperience, but experience comesonly when someone starts somewhere. I have seenone big thing happeningaround. People in the industries shifted fromtechnology to business,that is the point when they lost the security andcreated more loopholesin their own products as they reduced the timeneeded, reduced budgetsand spent more on advertisements and marketing. How does that reflect on people. They need peoplealready withexperience. But how is that possible. Everybodyneeds to startsomewhere. So experience does count, but I wouldsay some foundation,some added qualification and some experience isgood for a cool job. Fora startup job, some degree and some cert isessential.PS: This is my opinion, I am not pointing out anycompany or any privateorganization. -S---------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE- ONLINE The NorwichUniversity program offers unparalleled Infosecmanagement education andthe case study affords you unmatched consultingexperience.Tailor your education to your own professionalgoals with degreecustomizations including Emergency Management,Business ContinuityPlanning, Computer Emergency Response Teams, andDigital Investigations.http://www.msia.norwich.edu/secfocus-----------------------------------------------------------------------------------------------********************************************************************This e-mail is intended only for the addresseenamed above.As this e-mail may contain confidential orprivileged information,if you are not the named addressee, you are notauthorizedto retain, read, copy or disseminate this messageor any part of it.********************************************************************---------------------------------------------------------------------------EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE- ONLINEThe Norwich University program offers unparalleledInfosec managementeducation and the case study affords you unmatchedconsulting experience.Tailor your education to your own professionalgoals with degreecustomizations including Emergency Management,Business Continuity Planning,Computer Emergency Response Teams, and DigitalInvestigations.http://www.msia.norwich.edu/secfocus------------------------------------------------------------------------------------------------------------------------------------------------------EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE- ONLINEThe Norwich University program offers unparalleledInfosec managementeducation and the case study affords you unmatchedconsulting experience.Tailor your education to your own professionalgoals with degreecustomizations including Emergency Management,Business Continuity Planning,Computer Emergency Response Teams, and DigitalInvestigations.http://www.msia.norwich.edu/secfocus------------------------------------------------------------------------------------------------------------------------------------------------------EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations.=== message truncated === __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
--------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: Re: University Degree or CISSP Bob Hodges (Feb 01)
- <Possible follow-ups>
- Re: Re: University Degree or CISSP Harrison Holland (Feb 01)
- RE: Re: University Degree or CISSP Al Sutton (Feb 01)
- RE: Re: University Degree or CISSP King, Stephen (Feb 02)
- Re[3]: University Degree or CISSP Vladimir B. Kropotov (Feb 02)
- RE: University Degree or CISSP Craig Wright (Feb 03)
- Re: RE: University Degree or CISSP acicalla01 (Feb 06)