|
|
Recent Articles |
Get Ahead With Preview Of Ubuntu Intrepid Ibex
Come October and Ubuntu fans shall cherish yet another release of the next Ubuntu - Intrepid Ibex (along with its derivatives - Kubuntu, Xubuntu, etc.) If you're aware, Ubuntu is known to adhere to a six-month release...
IT Certification Cons Being Addressed
Imagine showing up at a job interview with your impressive resume all in order. Then some drooling dunce comes in with the same IT certifications. Well, a movement against cheating should prevent this...
Information Security Certification Guide
Information Security Certifications are part of the credentialing landscape for an information security professional, and in many ways, those just generally interested in the subject. Search Security writers Ed Tittel and Kim Lindros have put together the definitive...
ISP Suggested As Certification Standard
By paying a few fees and sacrificing a handful of stamps, it's possible to get several degrees within a single month. Tell anybody about those degrees, though, and you'll hear laughter instead of congratulations.
The Technology Or The Presenter?
Another interesting presentation today at the iLinc Customer Summit came from Barb Nead-Nylander of the Dow Chemical Company. She talked about Dow's requirement for all of their online instructors (well...
Studying For Certification Exams
Well, I'd signed up to take the CompTIA A+ exam at the end of November but things got very out of control business-wise (one got busier, and the other got sold) so I hadn't done a lot in terms of getting ready.
|
|
08.28.08
Is A Security Certification Necessary?
 By Dan Morrill
Two great posts on "to cert or not to cert" in the never ending debate on if a security certification is the right thing to do reopens the contentious debate.
For some it is, for some it is not, this is one of those questions that can only truly be answered by knowing the answer to the question "what do you want to do to enhance your career".
Remember, a certification is like anything else: it's a tool to help further career goals. If it's not possible to get from point A to point B without getting certified, then by all means go down that path. But keep in mind, nothing is a panacea and there is no replacement for actual hands-on experience. Source: Search Security
In all this is an interesting point, and while there are many certifications out there, for Mike Rothman who penned the article at search security, he is right there are both good and bad things about having a security certification. The key thing to note is that for many cases, this is more of a rough guide to the hiring manager than anything else is. If the job requires the cert and many apply who do not have it, then that is an easy cut to make.
The problem is that having a certificate, much as a college degree does not replace hands on rubber meets the road skills, which is a consistent message from many people. Off line people will talk disparagingly about any certificate, while the official track is that they are great.
Security karma points out on their blog that there are four stages or reasons for getting a certificate, which are all interesting, as we have all met these people.
• Smart, dedicated professional looking to expand knowledge and become an expert in their chosen field spending hours studying texts, reading white papers, etc.
• Smart, dedicated professional that went to training and took the exam at the end because... "why not?"
• Poor soul sent to a boot camp training course to take on new technology / responsibility that they have no experience in, took the test on Friday afternoon after getting their free travel mug and polo shirt.
• Sales engineers and the ilk that need certifications to "prove" expertise... I still remember the CISSP, CEH, LMNOP vendor dude that didn't understand basic routing issues and insisted that eBGP could NOT be run on an internal network.
Source: Security Karma
So while the debate rages, the idea to get a certificate boils down to what do you need to do to get promoted to the next level, or raise the game in the job you are looking for. If the dream job requires the CISSP and you have four years of hands on information security experience, then it makes sense to get a certificate. If the job requires a Bachelors degree, but no certificate, then you need to go get your bachelors degree. Not a complex issue, but one that is more personally involved in what do you want to do next, or what do you need to do to get the job.
You will find people who know nothing regardless of their degree's or certified past, you will find people who are very smart and know a lot regardless if they have a degree or certificate or not. People who do not know much soon become apparent, and regardless of their certificate or degree, if they still do not know then they just do not know. The real clue comes in is if they will listen to you or not, and if your word is not valid because they have a degree or certificate, move along, there is nothing you can do to help them. There are people like this everywhere, it is not specific to their credentialed, or non credentialed past.
You have to choose what is right for your career, and to make the decision to get a certificate or a degree is dependent upon where you want to go next.
Comments
About the Author:
Dan Morrill has been in the information security field for 18 years, both
civilian and military, and is currently working on his Doctor of Management.
Dan shares his insights on the important security issues of today through
his blog, Managing
Intellectual Property & IT Security, and is an active participant in the
ITtoolbox blogging community.
|
