Security Basics mailing list archives

RE: University Degree or CISSP

From: "Craig Wright" <cwright () bdosyd com au>
Date: Fri, 3 Feb 2006 08:30:16 +1100

I would hope for something more than GSEC. At least one level 5 SANs
Cert, a CCSP or CCNP.

If you are reliant on a certification - I would hope for more than GSEC
alone unless this person is to be placed into a junior position.

Craig

-----Original Message-----
From: King, Stephen [mailto:sking () chnct org]
Sent: 2 February 2006 6:00
To: Al Sutton; security-basics () securityfocus com
Subject: RE: University Degree or CISSP

This thread appears to be going on for sometime and has obviously
touched us all personally. Aside from the philosophical justification of
either position, the fact remains: The employer decides what credentials
they want from a hire. (end of story).  Furthermore, the CISSP
designation is a security generalists certification aimed at management
level professionals; and if you are management 99.9% of the time you are
required to have a degree anyhow. If you are to be a practitioner of
"hands-on" technical controls and other "front linesman" work you most
likely want a certification like a GSEC or something.

Just my two Cents.

Stephen CISSP, CISA  

-----Original Message-----
From: Al Sutton [mailto:asutton () argosytelcrest com]
Sent: Wednesday, February 01, 2006 6:37 AM
To: security-basics () securityfocus com
Subject: RE: Re: University Degree or CISSP

I've also been holding fire on commenting, but as someone who has worked
in a univeristy and for large corporates I hope I can make a useful
contribution.

Degrees are about teaching people how to teach themselves. They're about
taking someone who has usually had years of spoon fed education (i.e.
"here is the books you need to read and here are the pages that have the
answer") and teaching them effective ways of researching a problem for
themselves and finding a solution (i.e. "I want to do X, find me the
solution"). The subject of the degree gives you knowledge of a subject
field and helps you know where to start looking, but at the end of the
day pretty much any graduate should be able to take a problem and start
to find a solution using the resources available to them (even if it
means asking other people for help).

CISSP is about giving you specific knowledge. It's not about showing you
how to learn, its about giving you the knowledge to know where to look
when someone asks you a question about IT security.

Knowing which one is more applicable depends on the job you want to do.
If you can demonstrate to others that you can do research on your own to
find solutions, and others have commented that you're good on it, you
may not want to go down the degree route. On the other hand if you think
that your abililty to find solutions effectively can do with a little
help, and you can find a degree in a relevant subject, then you'll
probably find a degree is of us.

Whichever you decide, I wish you good luck, because initially finding
the right job at the right time that pays the right salary is sometimes
as much about luck as qualifications.

Al.
--
Al Sutton
Argosy TelCrest
W: www.argosytelcrest.com


------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich
University program offers unparalleled Infosec management education and
the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning, Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---

CONFIDENTIALITY NOTICE:  This e-mail communication and any attachments
may contain

confidential and privileged information for the use of the designated
recipients names

above.  The designated recipients are prohibited from redisplaying this
information to any

other party without authorization. If you are not the intended
recipient, you are hereby

notified that you have received this communication in error and that any
review, disclosure,

dissemination, distribution or copying of it or its contents is
prohibited by federal or

state law.  If you have received this communication in error, please
notify CHNCT at

1-203-949-4000, and destroy all copies of this communication and any
attachments.



------------------------------------------------------------------------
---
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich
University program offers unparalleled Infosec management education and
the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity
Planning, Computer Emergency Response Teams, and Digital Investigations.


http://www.msia.norwich.edu/secfocus
------------------------------------------------------------------------
---


Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. 

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Current thread:

RE: Re: University Degree or CISSP Bob Hodges (Feb 01)
- <Possible follow-ups>
- Re: Re: University Degree or CISSP Harrison Holland (Feb 01)
  - RE: Re: University Degree or CISSP Al Sutton (Feb 01)
- RE: Re: University Degree or CISSP King, Stephen (Feb 02)
- Re[3]: University Degree or CISSP Vladimir B. Kropotov (Feb 02)
  - Where can I get a certified security audit? and how much do they cost? Pigeon (Feb 05)
- RE: University Degree or CISSP Craig Wright (Feb 03)
- Re: RE: University Degree or CISSP acicalla01 (Feb 06)