RE: [ISN] INFOSEC: Certifiably Certified

From: InfoSec News (isnat_private)
Date: Sat Oct 26 2002 - 04:35:49 PDT

  • Next message: InfoSec News: "Re: [ISN] INFOSEC: Certifiably Certified"

    Forwarded from: "BERNARD, Mark" <MEBERNARat_private>
    
    Dear Associates,
    
    The one thing that you appear to have over looked is one fundamental
    principle of incident handling and Information Security, that is to
    ensure that who you are getting advice has some basis for their
    decision making.
    
    Certification simply implies that a person has a basic level of
    knowledge it does not imply that they know how to use that knowledge
    that only comes with experience and/or mentoring.
    
    If you look at the most revered professions within our society you
    will see that some level of certification under a common body of
    knowledge is necessary for that profession to become stable and
    continue to develop. A few examples are lawyers, doctors, mechanics,
    etc...
    
    To boldly state, as a few of you have, that all certifications are
    basically useless is not to understand the goals of these
    certifications.
    
    
    Regards,
    Mark.
    
    
    
    
    -----Original Message-----
    From: InfoSec News [mailto:isnat_private]
    Sent: Friday, October 25, 2002 5:43 AM
    To: isnat_private
    Subject: Re: [ISN] INFOSEC: Certifiably Certified 
    
    
    Forwarded from: Eric Lee Green <ericat_private>
    
    On Wednesday 23 October 2002 11:44 pm, InfoSec News wrote:
    > eyes of a third party is foolish. Haphazardly hiring security
    > personnel on the basis of a certification for which there is not
    > even a standard (such as ISO 17799) is a reckless endangerment of
    > the hiring organization's resources. Furthermore, given the
    > interconnected nature of the Internet, in some cases, this has the
    > real possibility of adversely affecting security across the Internet
    > in general.
    
    Heh. Something I've been saying for years.
    
    > That having been said, I'm happy to announce that I'm going into the
    > certification business. If anyone cares to send me $500 and copies
    > of
    
    I already beat him to it, in July 2001. See http://badtux.org/pooe.pdf
    for your own free certificate :-).
    
    [...]
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Sat Oct 26 2002 - 07:25:27 PDT