Security Basics mailing list archives
Re: CISSP Question
From: "Yousef Syed" <yousef.syed () gmail com>
Date: Wed, 9 May 2007 01:21:46 +0100
Hi James, I can't and won't argue with most of what yousay about certifications - in general, I can't stand them either and often-times I just don't trust them... Unfourtunately, to move on in this industry, many jobs now require some form of certification (often government jobs - atleast that's where I've most commonly seen the requirement). Although, I may know, my collegaues may know, and some of my friends may know that I've been working in security X-number of years and have gained certain levels of experience; a future manager may not know that. That future manager may have to wade through 100 CV/Resumes. To aid himself to sorting the wheat from the chaff he may rely upon a certification (that they "trust") from an independant third-party. Hopefully, that certification is only used to aid the hiring process. If that hiring process is farmed out to morons in HR, then you have a serious problem (and I've already expressed my opinion on HR departments hiring). Much as we'd all love to be hired through our personal network and recommendations (my last two roles have been acquired that way and it is a great way to get work :) ) the realities of life mean that it isn't always the way. The CISSP is just a good way to get your foot in the door (Neither the Manager doing the hiring nor the CISSP should rely upon it, though). In that sence, they are a necessary evil. ys On 08/05/07, Simmons, James <jsimmons () eds com> wrote:
>>Being that they have stated that employment as an Operators
etc are not considered as valid experience, I would
>>state that I feel that this would be a role where there is
some management, design, consulting or other similar
>>activity involved.
So if you already have 4 years of experience in management, or design,
or consulting, what is the value of the CISSP? You are already doing the
job that most people are getting the certification are aiming for. Now
of course this is a majority case, as there are people who get the cert
for other reasons.
But this is all my point.
http://www.securityfocus.com/archive/105/466897/30/210/threaded
Experience in doing the projects, actually getting involved in the
industry on your own, is the better way to spend your money then getting
a certification.
And here we arrive back at the beginning.
Regards,
Simmons
-- Yousef Syed "To ask a question is to show ignorance; not to ask a question, means you remain ignorant" - Japanese Proverb
Current thread:
- RE: CISSP Question, (continued)
- RE: CISSP Question Craig Wright (May 03)
- RE: CISSP Question Simmons, James (May 03)
- Message not available
- RE: CISSP Question Simmons, James (May 07)
- RE: CISSP Question Simmons, James (May 03)
- RE: CISSP Question Craig Wright (May 03)
- RE: CISSP Question Elizabeth Tolson (May 04)
- RE: CISSP Question David Harley (May 04)
- RE: CISSP Question Craig Wright (May 07)
- RE: CISSP Question Elizabeth Tolson (May 07)
- RE: CISSP Question David Harley (May 08)
- RE: CISSP Question Craig Wright (May 08)
- CISSP Question Simmons, James (May 08)
- Re: CISSP Question Yousef Syed (May 09)
- RE: CISSP Question Simmons, James (May 09)
- RE: CISSP Question April Carson (May 09)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question April Carson (May 10)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question April Carson (May 10)
- RE: CISSP Question David Harley (May 10)
- RE: CISSP Question David Gillett (May 10)
- RE: CISSP Question David Harley (May 10)
- Re: CISSP Question Yousef Syed (May 09)
- RE: CISSP Question Eric Zatko (May 10)