I was reading an article several days ago about another information security certification that has come out. I then searched for, and found, a website:
http://www.csoonline.com/article/485071/The_Security_Certification_Directory
that has compiled a list of a bunch of them. As I browsed through it, I recognized some of them that have been around for a while, but there were several new ones that have snuck into the world while I was not looking.
There are certifications for information security management, security technology, vulnerability testing, hacking and now even anti-hacking… Hmmm, anti-hacking? How many information security certifications does the world really need, I wonder? Certifications in general, in my opinion, are becoming more of a racket than a value proposition.
Advice for people wanting to get into the security profession: take some classes, read some books, and get real world experience but don’t think that 3 or 4 or 5 certifications after your name will get you hired, respected, etc.... Valuable information security professionals are practical thinkers, down to earth, have a broad technology background, are self starters and have a passion for innovation and problem solving. And they don’t usually have a trail of certifications following their names.
Comments