RE: GIAC Dilution

["Depp, Dennis M." <deppdm () ornl gov>]

I do not think this was soley about money.  Looking at the number of
students vs. the number of certifications handed out for GIAC, something
is wrong.  The practical (while an excellent idea) has become bloated to
the point they are more a determination of stubbornness rather than
knowledge.  GIAC's primary goal is to increase the security knowledge.
Did the practical increase the knowledge of individuals who attempted
it?  Probably.  Is this the best method to increase their knowledge?
Probably not.

GIAC is in a transition.  I don't think this will be a paper cert.  Will
more people attempt and gain GIAC certification?  I hope so.  Will this
dilute the cert?  Mayber, but it also could have the opposite effect.
Because there are so few GIAC certified secrity professionals, the
certification does not have the same visibility outside the security
world as other certifications.  CISSP is a great example.  How can GIAC
gain this visibility.  One way is to get qualified people to attempt the
certification process.  Writing is not something most IT professionals
have high on their "Fun things I like to do list."  There has to be a
better way.  A multiple choice test might not be the answer, but there
are other alternative.  A test where the canidate is given a senario and
must base his answers on the given senario might be a better way to test
a person's knowledge. 

Just my $.02

Dennis    

-----Original Message-----
From: Aman Raheja [mailto:araheja () techquotes com] 
Sent: Wednesday, March 23, 2005 12:33 PM
To: security-basics () securityfocus com
Subject: Re: GIAC Dilution

I would really like this topic to be more flooded with opinions.
It is indeed sad that this exam organizer (corp) has decided to make 
more money rather than give certification to people who really deserve.
I was planning to take this exam as well. I am not sure, if this is 
going to be equivalent to a Securoty+ now, which is cheaper and probably

would have the same market value - both being only exam based certs.
My next step would be CISSP but that's a way to go, though I already 
have enough experience to take that exam.
Nevertheless, some one mentioned that GIAC is going to drop pricing. Any

pointers to that ?
Thanks
Aman Raheja
http://www.techquotes.com


adeel hussain wrote:

> Hello Everyone,
>
> I agree with you all in regards to the certification loosing it's
> prestige and meaning.  I do think that the certification will still
> have some meaning as a representation of security knowledge just not
> waht it once was.
>
> As I understand it there will no longer be a option to complete the
> practical so all certs from this point on will be exam only.  The
> distinction between the exam only and practical versions will be
> unknown to the general masses and will even blur over time with those
> that currently know the difference.
>
> I think GIAC, and possibly SANS, will have to drop there prices a bit
> to reflect the reduced value of the cert.  I for one was working on a
> practical prior to signing up for the certification attempt.  That
> practical will no longer be required and the work will go to waste. 
> Perhaps I will publish it anyway in addition to applying it's message
> to my organization.
>
> Having said that I do plan on attaining the GSEC.  If they drop the
> prices I may go for more certs before people catch on that the value
> has depreciated.  As was stated previously "ride the wave".
>
> The time of the seasoned proffesional is now behind us..... roll on
> the paper GIAC certs
>
> Adeel
>
>
>