Full Disclosure mailing list archives
Re: [OT] CISSP Test
From: Anders Langworthy <hades () psilanthropy org>
Date: Sat, 26 Mar 2005 00:59:48 -0600
SecurityLSI wrote:
I wholeheartedly agree that there needs to be an industry benchmark, something that says you cannot operate in this field unless you have passed x. I'm thinking along the lines of something similar to the Bar exam that lawyers have to take, or perhaps a license like what doctors are required to obtain before being able to practice. I fear its going to take something of that level to truly separate the chaff from the wheat. Anything less and you only end up with braindumps and bootcampers throwing resume after resume at you.
There is an important distinction between something like the Bar, and medical licensure. The InfoSec equivalent of the legal Bar would be impossible to implement, because unlike a courtroom, a network is not under regulated control. If you wish to practice law, you must do it in a government-controlled courtroom*, and that government says that you must pass the Bar before doing so.
My network, on the other hand--like my body--belongs to me. Nobody has the right to tell me who I can and cannot hire to work on them. In the same way, I could pay somebody off the street to perform surgery on me if I wished. I wouldn't recommend it, and they wouldn't be a licensed doctor, but nobody can stop me.
So what difference does it make if we add another benchmark/"cert"? We already have plenty. Even if it were possible, would we really want to grant absolute power to something like the medical AMA?
* Judge Judy doesn't count. -- Anders _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RES: CISSP Test Jose Ribeiro Junior (Mar 23)
- Re: RES: CISSP Test Vladamir (Mar 23)
- Re: RES: CISSP Test SecurityLSI (Mar 26)
- Re: [OT] CISSP Test Anders Langworthy (Mar 26)
- Re: RES: CISSP Test R Mondesir (Mar 29)
- Re: RES: CISSP Test DAN MORRILL (Mar 29)
- Re: RES: CISSP Test J. Oquendo (Mar 29)
- Re: RES: CISSP Test SecurityLSI (Mar 26)
- Re: RES: CISSP Test Vladamir (Mar 23)