New User? Need help? Click here to register for free! Registering removes the advertisements.

Computer Cops
image image image image image image image image
Donations
If you found this site helpful, please donate to help keep it online
Don't want to use PayPal? Try our physical address
image
Prime Choice
· Head Lines
· Advisories (All)
· Dnld of the Week!
· CCSP News Ltrs
· Find a Cure!

· Ian T's (AR 23)
· Marcia's (CO8)
· Bill G's (CO11)
· Paul's (AR 5)
· Robin's (AR 2)

· Ian T's Archive
· Marcia's Archive
· Bill G's Archive
· Paul's Archive
· Robin's Archive
image
Security Central
· Home
· Wireless
· Bookmarks
· CLSID
· Columbia
· Community
· Downloads
· Encyclopedia
· Feedback (send)
· Forums
· Gallery
· Giveaways
· HijackThis
· Journal
· Members List
· My Downloads
· PremChat
· Premium
· Private Messages
· Proxomitron
· Quizz
· RegChat
· Reviews
· Google Search
· Sections
· Software
· Statistics
· Stories Archive
· Submit News
· Surveys
· Top
· Topics
· Web Links
· Your Account
image
CCSP Toolkit
· Email Virus Scan
· UDP Port Scanner
· TCP Port Scanner
· Trojan TCP Scan
· Reveal Your IP
· Algorithms
· Whois
· nmap port scanner
· IPs Banned [?]
image
Survey
How much can you give to keep Computer Cops online?

$10 up to $25 per year?
$25 up to $50 per year?
$10 up to $25 per month?
$25 up to $50 per month?
More than $50 per year?
More than $50 per month?
One time only?
Other (please comment)



Results
Polls

Votes: 983
Comments: 19
image
Translate
English German French
Italian Portuguese Spanish
Chinese Greek Russian
image
image CyberCrime: Security HeadLines: Employers want security certifications image
CyberCrime
Employers want security certifications
By Grant Gross
IDG News Service

Peter Stephenson, an IT security consultant, says he wouldn't bother getting a security certification unless it helped feed his family. In his case, it did.

Some security professionals have begun to question the value of their most highly-valued certifications, as more and more people pass those tests, said Stephenson, a consultant at Eastern Michigan University's Center for Regional and National Security, during a presentation at the Computer Security Institute's (CSI) Computer Security Conference and Exhibition in Washington, D.C.

Many employers, however, still look for those little certification letters on resumes as a way to screen applicants, he said.

Stephenson, a security manager and computer forensics investigator for close to 20 years, didn't pay attention to certifications until 2002, when he was laid off from a job. He then decided to seek certifications because headhunters weren't calling, even with his years of experience. At one point after taking the Certified Information Systems Security Professional (CISSP) certification in 2002, he posted two versions of his resume on the Internet, one with the CISSP certification listed and one without. The CISSP resume generated several calls from employers, the second resume, even with all his experience listed, generated no calls, he said.

Even though the certificates were helpful in his case, Stephenson said, professionals do have legitimate concerns about them.

This is a veritable soup of training and certification opportunities, many of which are ill defined, except for the part about the price, Stephenson said. The problem is the certification companies have turned it into such a money grab that the credibility of some of these certifications are starting to slip.

A representative of CISSP vendor International Information Systems Security Certification Consortium wasn't immediately available for a comment on Stephenson's talk, but the Computing Technology Industry Association (CompTIA), which offers the Security+ certification, defended certifications as a way for hiring managers to evaluate employees. CompTIA often hears stories from IT workers who say certification have helped advance their careers, said Gene Salois, vice president of certification at CompTIA.

Certification is the capstone for learning, since it validates that learning has occurred, Salois wrote in an e-mail. The skill benchmark provided by certification is often used as a criterion for hiring.

Stephenson's comments also generated a healthy debate among the security professionals attending his presentation.

What do we get for our money here? asked Terri Curran, director of sponsored research and information security officer at the International Institute for Digital Forensic Studies, based in Weymouth, Mass.

High-level security certifications can provide value, especially for consultants trying to sell their services to customers, answered Joseph Popinski III, director of network security consulting with Information Engineering, based in Huntsville, Ala.

Walking in the door with these certifications establishes you as an expert in your field, said Popinski, whose resume includes the CISSP and the Certified Protection Professional certifications.

But Popinski also said he was concerned that more and more security certifications do not require much professional experience. I want to make (certification) a goal to strive for, he said.

Stephenson agreed that many certifications are easy to obtain. One acquaintance of his, a former stock broker, received a network security certification by reading a book, and others with little practice experience attend intensive boot-camp courses, then pass certification tests, he said. They join that elite bunch of security professionals known as CISSPs, and those of us who've been in this business for more years than I like to think about, we get to stand right next to those people in front of employers, and it becomes a crap shoot as to who's going to get the job, he said.

Stephenson agreed that certifications can provide some benefits. Certifications that require holders to take continuing education classes and require real-world experience are especially valuable, he noted, and some companies require security professionals to get certifications before they can work on some types of equipment. He pointed to certifications from the SANS Institute as especially relevant for technicians and engineers.

Stephenson listed many other benefits of certifications, mostly for people other than those who are already certified. Employers use them as filters for hiring, certification companies make money, professional groups such as CSI get people to come to their conferences for continuing education credits, and sellers of ink benefit as resumes get longer, he said.

Every one of these certifications has a potential place in your career path, he said. You, who spend the money and take the course, might actually see some benefit.



The IDG News Service is a Network World affiliate.

nwfusion.com
Posted on Monday, 10 November 2003 @ 04:35:00 EST by phoenix22
image

 
Login
Nickname

Password

· New User? ·
Click here to create a registered account.
image
Related Links
· TrackBack (0)
· HotScripts
· W3 Consortium
· More about CyberCrime
· News by phoenix22


Most read story about CyberCrime:
Police to Launch International Cyber Child Porn Sting

image
Article Rating
Average Score: 0
Votes: 0

Please take a second and vote for this article:

Bad
Regular
Good
Very Good
Excellent


image
Options

Printer Friendly Page  Printer Friendly Page

image
"Login" | Login/Create an Account | 0 comments
Threshold
The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register