Security Basics mailing list archives
RE: Re: University Degree or CISSP
From: "Craig Wright" <cwright () bdosyd com au>
Date: Sat, 28 Jan 2006 15:09:59 +1100
All of the examples that are mentioned are not considered a technology based education. Politics, phycology etc are all humanities based subjects and are well suited to business. Most professional managers do not have a “business” degree, but rather a related degree as you have listed. A BA in Politics for example is oft considered a business degree. (look to the works on frames in business and interpersonal relationships in organisational studies. Politics is a valid business frame). The point is a range of subjects. Security is NOT about technology. An understanding of the technology is needed, but the key focus is people. Hence the need to have a broader focus. What we need to look at is a process of continual or even as it has been called life long learning. One or the other (certification or qualification) is never sufficient; stopping the learning process at any stage is not a good policy. Craig -----Original Message----- From: Bob Radvanovsky [mailto:rsradvan () unixworks net] Sent: Sat 28/01/2006 1:59 PM To: Craig Wright; Kain, Becki (B.); security-basics () securityfocus com Cc: Subject: RE: Re: University Degree or CISSP So...those who have BOTH a business AND a computer science backgrounds can understandably "fit" better into a security role than simply someone who has one or the other? Perhaps. I have known people who had either psychology, political science, history, and liberal studies degrees -- all of them have done very well with security. Perhaps it is with the "human factor" that allowed them to transition into security so well... ;)) -rad P.S. Then again, I've known my fair share of "security people" who couldn't conduct any security role or function without constantly reviewing their "Security For Dummies" manuals. The sad thing was that they were certified in one or more security-based certifications (and that included the CISSP)!!! >((( ----- Original Message ----- From: Craig Wright [mailto:cwright () bdosyd com au] To: "Kain, Becki (B.)" [mailto:bkain1 () ford com], security-basics () securityfocus com Subject: RE: Re: University Degree or CISSP > > The completion of a degree shows a certain process. It demonstrates a > certain level of research ability and knowledge. A degree does not do > everything for you, but it does help. > > Most importantly it is important to have an understanding of more than > just IT. A "security" engineer with technical knowledge and no process > knowledge or business knowledge is oft worse than useless. Security is > not about tools and is a Risk based process. Many people with a > technical ONLY background do not understand this or the related business > controls. > > Craig > > -----Original Message----- > From: Kain, Becki (B.) [mailto:bkain1 () ford com] > Sent: 27 January 2006 8:22 > To: security-basics () securityfocus com > Subject: RE: Re: University Degree or CISSP > > The thing that I find frustrating, and I have a 4 year degree from > University of Michigan, in Economics, is that companies, like the one > I'm posting from, make it a requirement that you have a degree, but not > what the degree is in. Seems that a person with 4 years of practical > computer work should be seen as just as (or more, IMHO), useful that a > person with a 4 year degree, but no practical skills. But then again, > I'll never understand HR departments. > > Liability limited by a scheme approved under Professional Standards > Legislation in respect of matters arising within those States and > Territories of Australia where such legislation exists. > > DISCLAIMER > The information contained in this email and any attachments is confidential. > If you are not the intended recipient, you must not use or disclose the > information. If you have received this email in error, please inform us > promptly by reply email or by telephoning +61 2 9286 5555. Please delete the > email and destroy any printed copy. > > Any views expressed in this message are those of the individual sender. You > may not rely on this message as advice unless it has been electronically > signed by a Partner of BDO or it is subsequently confirmed by letter or fax > signed by a Partner of BDO. > > BDO accepts no liability for any damage caused by this email or its > attachments due to viruses, interference, interception, corruption or > unauthorised access. > > --------------------------------------------------------------------------- > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE > The Norwich University program offers unparalleled Infosec management > education and the case study affords you unmatched consulting experience. > Tailor your education to your own professional goals with degree > customizations including Emergency Management, Business Continuity Planning, > > Computer Emergency Response Teams, and Digital Investigations. > > http://www.msia.norwich.edu/secfocus > --------------------------------------------------------------------------- > > Bob Radvanovsky, CISM, CIFI, REM, CIPS rsradvan () unixworks net | rsradvan () infracritical com | rsradvan () ehealthgrid com (630) 673-7740 | (412) 774-0373 (fax) Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within those States and Territories of Australia where such legislation exists. DISCLAIMER The information contained in this email and any attachments is confidential. If you are not the intended recipient, you must not use or disclose the information. If you have received this email in error, please inform us promptly by reply email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy. Any views expressed in this message are those of the individual sender. You may not rely on this message as advice unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by a Partner of BDO. BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, interception, corruption or unauthorised access.
Current thread:
- RE: Re: University Degree or CISSP, (continued)
- RE: Re: University Degree or CISSP Huang, John, GCM (Jan 26)
- RE: RE: Re: University Degree or CISSP Kain, Becki (B.) (Jan 26)
- Re: University Degree or CISSP Steven Kalcevich (Jan 27)
- Re: University Degree or CISSP Aman Raheja (Jan 27)
- RE: University Degree or CISSP Craig Wright (Jan 27)
- RE: University Degree or CISSP Craig Wright (Jan 27)
- RE: Re: University Degree or CISSP Craig Wright (Jan 27)
- Re: University Degree or CISSP Greg van der Gaast (Jan 28)
- RE: University Degree or CISSP Craig Wright (Jan 29)
- RE: Re: University Degree or CISSP Bob Radvanovsky (Jan 30)
- RE: Re: University Degree or CISSP Craig Wright (Jan 30)