RE: CISSP Question

["Ruiz, Michael S. (Security)" <Michael.S.Ruiz () idearc com>]

I've been reading this thread for the last several days.  Here are my
thoughts:

Although I do not have my CISSP (yet), it is prudent to say the CISSP
carries its weight well.  However, the experience and skills knowledge
has to be there.  This isn't an MSCE, folks.  There is no way around
this unless you've got a 175 IQ and have a passion for security through
book absorption.  Even then, you don't have the experience/skills to
quantify the knowledge.  Experience/skills is key.

Additionally, I have to agree with Eric and a few others. There are
those of us, like myself, who have a passion for security.  That, in
itself, leads to a continued learning process and evolution to stay on
top.  This includes going to training sessions to reading the latest
news daily to higher education.  I, myself, will be graduating with a
Masters in Homeland Security, minoring in Information Security, this
winter. This will also include getting my CISSP, and learning Arabic and
Chinese before the end of 2007.  If I have time, I'll get the CISA.  I
do this for the love of what I do and the protection of my company.
Lose this, and you're dead in the water, or shouldn't be in the
industry.

Regards,

Michael Stephen Ruiz


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Eric Zatko
Sent: Thursday, May 10, 2007 8:53 AM
To: security-basics () securityfocus com
Subject: RE: CISSP Question

Hello again everyone.

One point that has not yet been made in this thread is that through
obtaining certifications and or additional/advanced degrees, an
individual demonstrates the willingness to continue learning and the
ability to do so.

Go for it!
Eric