A Sys Admin's view, sorry this got kind of long. I notice that the CISA certification has a stringent (self serving?) continuing education requirement. Is the same true of the CISSP? Where do these certification mills get their accreditation? Is there some sort of college equivalence? (Even though the E in MCSE stands for Engineer, I wouldn't advise attending an engineering convention with just the MCSE credential) Why not just challenge a course at an accredited college? For example, Microsoft has released 13 corrections to it's published books relating to MCSE certification. In an adaptive testing scenario, missing a couple of questions can be the difference between a pass or fail. Missing questions because they are incomprehensibly written, or just plain wrong is unforgivable. I haven't heard anything about MS offering to replace the reference books -- let alone re-evaluating the tests that would have been passed with the elimination of the faulty questions. A poor CNE must enroll in the Ver. 6 program, just to maintain the right to say s/he was certified on a prior version, I haven't come across an installed copy of NetWare (any version) in the last 3 years. On the other hand, Microsoft has quietly published that it will continue to honor NT 4 certifications -- despite industry rumors. So, what is the IT professional's motivation to enter into a continuing education requirement? Security is a culmination of over 40 years of industry experience, just becase a certification is dated, does that mean we can no longer read a manual? There has to be a better way, perhaps BSD? Steve Kritzer BTW, I think that the sales projections for the security industry are optimistic. The first thing to be cut is security when bankruptcy looms. Fines for violating basic HIPAA regs are ridiculously low when compared to software compliance. Many companies don't even have a handle on software over-installs yet. ----- Original Message ----- From: "Meritt James" <meritt_jamesat_private> To: <securityjobsat_private> Sent: Tuesday, November 27, 2001 7:22 AM Subject: Article: Attacks prompt more scrutiny of IT security > "Sure, information technology spending is down and will continue to stay > down if industry experts are correct. However, there's a bright -- and > hot -- spot: IT security. > > In 2002, tech spending will grow by only 2.2 percent but much of that > growth will come from IT security, according to Cambridge, Mass.-based > Forrester Research Inc. Forrester estimates IT spending will rise by 9.7 > percent to reach $567 billion. " > ............... > > Full article at > http://austin.bcentral.com:80/austin/stories/2001/11/26/focus1.html > -- > James W. Meritt CISSP, CISA > Booz | Allen | Hamilton > phone: (410) 684-6566
This archive was generated by hypermail 2b30 : Wed Nov 28 2001 - 12:38:11 PST