RE: MS in information security

["Ken Kousky" <kkousky () ip3inc com>]

I know I jumped on this issue early in the discussion with shock that
anybody would compare a college degree with any or even all of the available
industry certifications and then was shocked to see the ongoing interest in
finding a short cut to success without the hard work.

Three observations - those who found their college work to be meaningless I
can only say it's your own fault. I've taught at Ivy League universities and
community colleges. Both had lots to offer but if a student wanted to spend
$30,000 a year and waste their time or simply log credits and a degree at
the local CC, both were certainly possible.

I also have managed and hired hundreds of IT professionals over the years
and anybody who found that the recruiters only wanted a certification should
be advised that they were being hired as a "grunt" without serious
opportunity for career advancement. I NEVER saw a serious IT career position
with management potential being offered based on certifications. On the
other had, there were lots of needed staff positions needed to pull wire,
run the back-ups, trouble shoot and grease the wheels that might have needed
very specific skills which could be well documented through a Cert.

It's true that one of the top 5 spam offerings is now a college degree.
That's because they really are valuable. Buying one doesn't provide an
education. 

The only real long term value is your education. While I give CISSP prep
lectures all the time and I truly believe that certifications for
professionals are vital, I hope nobody gives up their education for it.
Study math, science, history and art and be sure to enjoy it - it will last
a life time.

And let us not forget Mark Twain on the subject "never let school interfere
with a good education" or something like that.

Regards.

KWK

-----Original Message-----
From: bob1th () yahoo com [mailto:bob1th () yahoo com] 
Sent: Monday, January 30, 2006 3:52 PM
To: security-basics () securityfocus com
Subject: MS in information security

Hello, 

I noticed that the question of 'CISSP or degree' got a lot of feedbacks and
comments.  I am also considering more education in order to enter security
field.  I already have BS degree from good school and working for a IT
company working with various applications.  However, I have always wanted to
be a little bit more technical and be exposed to more research-like
environment.  Not sure if I want Ph.D., but definitely looking at one of
those MS in information security.  Georgia Tech and several other reputable
universities offer such program.  

After working almost 2 years in industry, I know that experience is really
important and that I can acquire the knowledge myself through many sources
although I don't go back to school to do it. On the other hand, the idea of
getting higher or specialized education and degree is really appealing.
Also, since my current work does not have anything to do with security,
getting more education might offer me a better chance of getting in to
security field than studying on my own, getting some certs and try to
convince companies to believe that I know about security. 

Any opinions welcome

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning,

Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Tailor your education to your own professional goals with degree 
customizations including Emergency Management, Business Continuity Planning, 
Computer Emergency Response Teams, and Digital Investigations. 

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------