Re: [ISN] INFOSEC: Certifiably Certified

From: InfoSec News (isnat_private)
Date: Mon Oct 28 2002 - 04:16:43 PST

  • Next message: InfoSec News: "[ISN] Kerberos bug bites"

    Forwarded from: Richard Forno <rfornoat_private>
    > Forwarded from: "BERNARD, Mark" <MEBERNARat_private>
    > Certification simply implies that a person has a basic level of
    > knowledge it does not imply that they know how to use that knowledge
    > that only comes with experience and/or mentoring.
    Agreed, but as many of the comments to my article note at the
    Securityfocus.Com site, too many HR and management drones don't know
    technology and use certs as a major discriminator on sorting resumes.
    That's a problem.  No cert? You're obviously not a serious contender
    in the security field.
    That's a BS mentality, and probably part of why security's the way it
    > If you look at the most revered professions within our society you
    > will see that some level of certification under a common body of
    > knowledge is necessary for that profession to become stable and
    > continue to develop. A few examples are lawyers, doctors, mechanics,
    > etc...
    (I don't think lawyers are that revered in our society, do you?)
    In the case of evidence-handling, sure....that's a VERY specialized
    field within the INFOSEC world. But knowing someone's passed a test
    and knows the basics of security theory (or in some cases, limited
    practical evaluations) is not a good reason for revering someone for
    having a cert.
    ISN is currently hosted by
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.

    This archive was generated by hypermail 2b30 : Mon Oct 28 2002 - 07:09:22 PST