Re: [ISN] INFOSEC: Certifiably Certified

From: InfoSec News (isnat_private)
Date: Sat Oct 26 2002 - 04:34:36 PDT

  • Next message: InfoSec News: "Re: [ISN] Researchers predict worm that eats the Internet in 15 minutes"

    Forwarded from: Jim Eiden <jim_eidenat_private>
    That is the same mentality in the marketplace form the height of the
    dotcom era where anyone with a Bachelors degree in Marketing
    automatically qualified them as an expert with a Title of VP of
    Funny, every VP of branding I met had no idea who invented branding
    (Procter & Gamble).  And none of them knew what the 4 P's were.  By
    the way, the 4 P's are Price, Product, Promotion, and Place.  It is
    known as the Marketing Mix.  And how you combine the 4 P's determines
    your marketing strategy.
    When I met these people, not one of them could tell me how they were
    using the marketing mix.  Although they all had great business cards
    with a fancy title.  Their idea of marketing/branding was to waste
    money on expensive SuperBowl commercials.  They have nothing left to
    show but a fancy sock puppet (
    Just like the PMP certification for project management.  Every
    Recruiter is demanding that project managers have Project management
    certification.  In order to get the certification, you need 5 years
    Project management experience, but the marketplace has tunnel vision
    demanding this piece of paper.  Over time there will be a problem with
    this becuase you can't get the paper without the experience, and you
    wont be able to get the experience without the paper.
    I have a friend who has a Master's degree in Project Management from a
    major University.  A recruiter told him he wasn't qualified because he
    didn't have the certification.  He had to stop the recruiter and point
    out that he had 2 years of study (in addition to his experience),
    while those who have the certification, only had weeks of study.  
    Hmmm, that tunnel vision again.
    --- InfoSec News <isnat_private> wrote:
    > Forwarded from: Eric Lee Green <ericat_private>
    > On Wednesday 23 October 2002 11:44 pm, InfoSec News wrote:
    > > eyes of a third party is foolish. Haphazardly hiring security
    > > personnel on the basis of a certification for which there is not
    > > even a standard (such as ISO 17799) is a reckless endangerment of
    > > the hiring organization's resources. Furthermore, given the
    > > interconnected nature of the Internet, in some cases, this has the
    > > real possibility of adversely affecting security across the
    > > Internet in general.
    > Heh. Something I've been saying for years.
    > > That having been said, I'm happy to announce that I'm going into
    > > the certification business. If anyone cares to send me $500 and 
    > > copies of
    > I already beat him to it, in July 2001. See
    > for your own free certificate :-).
    > PS: POOE stands for "Poker Of Overinflated Egos", where said
    > "overinflated egos" belong to people who have enough certification
    > letters on their business cards to write a novel with. Strange, how
    > some of these people can become rather pompous in their insistence
    > that nobody uncertified could possibly be competent.
    > -- 
    > Eric Lee Green          GnuPG public key at
    Jim Eiden
    Cell: (630) 567-9588
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Sat Oct 26 2002 - 07:24:06 PDT