Re: Information security certifications diversity and getting lost

["Thomas Ptacek" <tqbf () matasano com>]

> > How do you plan on solving the problems the CISSP has?
> > 1. People will "teach to the test".
> That is always the case with any test/certification.  Sometimes people
...
> > 2. Certs get stale fast.
> No argument here.  Technology is a fast-paced industry...
...

You need to ask yourself what the purpose of the cert is, and then ask
yourself whether the process for acquiring the cert achieves that
purpose.

Most certs are hiring tools. A "top 1% of the industry" cert is not a
particularly valuable hiring tool.

If the only goal was to make someone genuinely hard, so that passing
it was an accomplishment for almost anyone in the industry, this would
be an easy problem. We would just poll for everyone's hardest
interview questions.

But that's not the goal. The goal is something will scale and will
have business value. So far, everything that has tried to achieve both
those goals has either withered on the vine or been corrupted.

-- 
---
Thomas H. Ptacek // matasano security
read us on the web: http://www.matasano.com/log
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave