Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Re: University Degree or CISSP

From: "Craig Wright" <cwright () bdosyd com au>
Date: Sat, 28 Jan 2006 15:09:59 +1100

All of the examples that are mentioned are not considered a technology based education. Politics, phycology etc are all 
humanities based subjects and are well suited to business. Most professional managers do not have a “business” degree, 
but rather a related degree as you have listed. A BA in Politics for example is oft considered a business degree. (look 
to the works on frames in business and interpersonal relationships in organisational studies. Politics is a valid 
business frame).

 

The point is a range of subjects. Security is NOT about technology. An understanding of the technology is needed, but 
the key focus is people. Hence the need to have a broader focus.

 

What we need to look at is a process of continual or even as it has been called life long learning. One or the other 
(certification or qualification) is never sufficient; stopping the learning process at any stage is not a good policy.

 

Craig

 

-----Original Message----- 
From: Bob Radvanovsky [mailto:rsradvan () unixworks net] 
Sent: Sat 28/01/2006 1:59 PM 
To: Craig Wright; Kain, Becki (B.); security-basics () securityfocus com 
Cc: 
Subject: RE: Re: University Degree or CISSP



        So...those who have BOTH a business AND a computer science backgrounds can understandably "fit" better into a 
security role than simply someone who has one or the other?  Perhaps.  I have known people who had either psychology, 
political science, history, and liberal studies degrees -- all of them have done very well with security.  Perhaps it 
is with the "human factor" that allowed them to transition into security so well...  ;))
        
        -rad
        
        P.S.  Then again, I've known my fair share of "security people" who couldn't conduct any security role or 
function without constantly reviewing their "Security For Dummies" manuals.  The sad thing was that they were certified 
in one or more security-based certifications (and that included the CISSP)!!!  >(((
        
        ----- Original Message -----
        From: Craig Wright [mailto:cwright () bdosyd com au]
        To: "Kain, Becki (B.)" [mailto:bkain1 () ford com], security-basics () securityfocus com
        Subject: RE: Re: University Degree or CISSP
        
        
        >
        > The completion of a degree shows a certain process. It demonstrates a
        > certain level of research ability and knowledge. A degree does not do
        > everything for you, but it does help.
        >
        > Most importantly it is important to have an understanding of more than
        > just IT. A "security" engineer with technical knowledge and no process
        > knowledge or business knowledge is oft worse than useless. Security is
        > not about tools and is a Risk based process. Many people with a
        > technical ONLY background do not understand this or the related business
        > controls.
        >
        > Craig
        >
        > -----Original Message-----
        > From: Kain, Becki (B.) [mailto:bkain1 () ford com]
        
        > Sent: 27 January 2006 8:22
        > To: security-basics () securityfocus com
        > Subject: RE: Re: University Degree or CISSP
        >
        > The thing that I find frustrating, and I have a 4 year degree from
        > University of Michigan, in Economics, is that companies, like the one
        > I'm posting from, make it a requirement that you have a degree, but not
        > what the degree is in.  Seems that a person with 4 years of practical
        > computer work should be seen as just as (or more, IMHO), useful that a
        > person with a 4 year degree, but no practical skills.  But then again,
        > I'll never understand HR departments.
        >
        > Liability limited by a scheme approved under Professional Standards
        > Legislation in respect of matters arising within those States and
        > Territories of Australia where such legislation exists.
        >
        > DISCLAIMER
        > The information contained in this email and any attachments is confidential.
        > If you are not the intended recipient, you must not use or disclose the
        > information. If you have received this email in error, please inform us
        > promptly by reply email or by telephoning +61 2 9286 5555. Please delete the
        > email and destroy any printed copy.
        
        >
        > Any views expressed in this message are those of the individual sender. You
        > may not rely on this message as advice unless it has been electronically
        > signed by a Partner of BDO or it is subsequently confirmed by letter or fax
        > signed by a Partner of BDO.
        >
        > BDO accepts no liability for any damage caused by this email or its
        > attachments due to viruses, interference, interception, corruption or
        > unauthorised access.
        >
        > ---------------------------------------------------------------------------
        > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
        > The Norwich University program offers unparalleled Infosec management
        > education and the case study affords you unmatched consulting experience.
        > Tailor your education to your own professional goals with degree
        > customizations including Emergency Management, Business Continuity Planning,
        >
        > Computer Emergency Response Teams, and Digital Investigations.
        >
        > http://www.msia.norwich.edu/secfocus
        > ---------------------------------------------------------------------------
        >
        >
        
        
        Bob Radvanovsky, CISM, CIFI, REM, CIPS
        rsradvan () unixworks net | rsradvan () infracritical com | rsradvan () ehealthgrid com
        (630) 673-7740 | (412) 774-0373 (fax)
        


Liability limited by a scheme approved under Professional Standards Legislation in respect of matters arising within 
those States and Territories of Australia where such legislation exists.

DISCLAIMER
The information contained in this email and any attachments is confidential. If you are not the intended recipient, you 
must not use or disclose the information. If you have received this email in error, please inform us promptly by reply 
email or by telephoning +61 2 9286 5555. Please delete the email and destroy any printed copy.  

Any views expressed in this message are those of the individual sender. You may not rely on this message as advice 
unless it has been electronically signed by a Partner of BDO or it is subsequently confirmed by letter or fax signed by 
a Partner of BDO.

BDO accepts no liability for any damage caused by this email or its attachments due to viruses, interference, 
interception, corruption or unauthorised access.
Previous By Date Next
Previous By Thread Next

Current thread: