Home page logo
/

pen-test logo Penetration Testing mailing list archives

RE: CISSP-ISSMP
From: "Levenglick, Jeff" <JLevenglick () fhlbatl com>
Date: Mon, 8 May 2006 10:48:57 -0400

This always comes up. I'm glad that someone finally wrote an article.

Why IT Certs Don't Add Up 
 http://www.eweek.com/article2/0,1895,1957242,00.asp

As IT Certifications Devalue, Vendors Up the Ante 
http://www.eweek.com/article2/0,1895,1956636,00.asp

Study Shows Downside of IT Certification 
http://www.eweek.com/article2/0,1895,1954198,00.asp

"Pay for non-certified skills grew nearly 70 percent more than
certifications, or 4.4 percent versus 2.6 percent respectively. 

Among "cooling" certified tech skills, those that have lost their value
in the last year, the study lists nine, including MCDST (Microsoft
Certified Desktop Support Technician), CISA (Certified Information
Systems Auditor), and three Novell certifications (NCDE, MCNE, and CNA).


Fourteen certifications have grown in value, showing an 11 percent or
higher growth over the last year, including SCNP (Security Certified
Network Professional), CISM (Certified Information Security Manager) and
MCT (Microsoft Certified Trainer). "


Why?

Simple:

1) Too many people. Unlike Cisco, Microsoft and others realized that
they can make a lot more money by making the
tests a little easier. Funny how everybody now has letters? Did you
notice how many study books are out there? (And how they
all are alike?)

2) A cert is not the same or will ever be the same as a B.S. and MBA.
Too many people have chips on their shoulders. Depending on
your area, if there are too many 'cert' people, then companies will
frown upon the person who is asking for more money because they
have certs.

Roi..ect is hard to define. The 'best' case is that you work for a
company that pays for it. Advancement? If you have a B.S. or MBA
then you will advance quicker with your CISSP then if you did not have a
degree. (Plus on the job experience) 

Raise potential? Depends on the company. If the company is doing crappy,
then so will you.

It sounds like your are just starting out? If so, you have a long way to
go. 
PLUS... 

ISC requires:

4 years + experience in security. (3 with a BS or 1 with a masters)
Your resume. (they reserve the right to audit you)
Sponsorship from another CISSP.



-----Original Message-----
From: Mohamed Abdel Kader [mailto:makster12 () hotmail com] 
Sent: Monday, May 08, 2006 05:27 AM
To: pen-test () securityfocus com
Subject: CISSP-ISSMP

Hi all,
I was wondering if anyone out there did the CISSP-ISSMP concentration.
I want to know the value added in the areas listed below, in an out of
10 scale for example:
 
    Total ROI
    Career Advancement   
    Industry Demand
    Raise Potential
 
    Suitable for what job/position (not an out of 10 answer of course
:))   
 
I also want to know the material to study from.
 
Thanks a million.
MAK

------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request () cenzic com for
details.
------------------------------------------------------------------------
------



-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault