Forwarded from: Richard Forno <rfornoat_private> > Forwarded from: "BERNARD, Mark" <MEBERNARat_private> > > Certification simply implies that a person has a basic level of > knowledge it does not imply that they know how to use that knowledge > that only comes with experience and/or mentoring. Agreed, but as many of the comments to my article note at the Securityfocus.Com site, too many HR and management drones don't know technology and use certs as a major discriminator on sorting resumes. That's a problem. No cert? You're obviously not a serious contender in the security field. That's a BS mentality, and probably part of why security's the way it is. > If you look at the most revered professions within our society you > will see that some level of certification under a common body of > knowledge is necessary for that profession to become stable and > continue to develop. A few examples are lawyers, doctors, mechanics, > etc... (I don't think lawyers are that revered in our society, do you?) In the case of evidence-handling, sure....that's a VERY specialized field within the INFOSEC world. But knowing someone's passed a test and knows the basics of security theory (or in some cases, limited practical evaluations) is not a good reason for revering someone for having a cert. Rick Infowarrior.org - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Oct 28 2002 - 07:09:22 PST