Here is the snip of my response at the time:
Actually, I am skeptical that we will ever have a certification track that will effectively capture the industry. As you mention, vendor-concentrated certifications demonstrate knowledge on a particular platform or product; however, in my opinion, information security is so fluid and nebulous that it is similiar to trying to have an intelligence (adjective, not noun) certification.
From a personal perspective, I have always found it more impressive if someone can teach as well as simply speak facts. Therefore, I would hope that a measure of a practitioner's value to an organization could be viewed, not by a single or suite of certifications, but rather the lifelong pursuit of the advancement of the profession. I think there is a very good parallel to this in practice throughout history today with the various martial arts.
I think ISC(2) and others have dabbled in this approach, but in my opinion, it needs to be refined. If I was holding the "magic wand", I would suggest that everyone study, teach, and contribute to the community through volunteering or charitable contributions to maintain a credential. Ultimately, I believe this would do more for the industry than any certification can provide alone.
Thoughts?
I wanted to throw it out to a wider audience to get some additional perspectives on the whole notion of requiring mentoring, teaching, or volunteer work as a condition of a security credential. It is one thing to have a bunch of acronyms after one's name, and I am not trying to diminish the accomplishments of those that are dedicated enough to obtain many certifications or advance their careers.
However, how would hiring managers feel about the merits of a technical certification(s), versus a more rounded certification which included charity work as a prerequisite?
I would love to hear opinions on this one.
Posts
No comments:
Post a Comment