News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Martin McKeay's picture
Martin McKeay

Security Matters

More posts | Read bio

July 30, 2007 - 11:04 A.M.

Certs: Added value or minimum requirement?

3 comments

I've got a Bachelors Degree in Information Systems Management, my Certified Information Security Systems Professional (CISSP) certification, the SANS GIAC Systems and Network Auditor (GSNA) certificate and I used to be a CCNA.   I spent two years getting my B.S. by attending night courses, the CISSP took me 6 months of constant study, the GSNA required a week's worth of intense instructor lead study, and I spent the better part of a school year taking the official Cisco course work at the local junior college before taking the test.  And with the exception of the CCNA, the time I spent earning my degree and getting my certifications was aimed strictly at filling in a check box on an HR person's list rather than learning something.  Not to say I didn't learn something in studying for each, but my goal was fulfilling a job requirement instead of education.

I have mixed feelings about certifications in the IT and security professions; certifications show that someone has the minimum knowledge required to pass a particular test.  It shows they understand their profession well enough to know what certificates are going to be required to get a job in their field.  It shows that the person is dedicated enough to their profession to take and pass these tests.  But what it doesn't show is real-world knowledge of security.

Obviously I'm not opposed to certifications, since I hold several myself.  But I've never liked the fact that many people think certification and skills are the same thing.  The fact that having the right certification can mean a significantly higher level of pay for professionals who otherwise are of the same skill level only further complicates the situation.   It encourages people to accumulate as many different certifications as possible to help bolster their income, something I'm as guilty of as anyone else.

I remember the early days of the Microsoft Certified Systems Engineer and "paper MCSE's" who had passed all the tests, but could barely remember how to change a password when they got their first job in the real world.  I often hear accusations that the CISSP is heading in the same direction, despite increased efforts by the ISC2 to validate candidates and  verify levels of experience.  But I think both of these miss the real point of certification; they show that someone has spent the time and effort to pass a test, not that they have the skills required to work in the real world.   After all, no one expects a kid fresh out of college to know everything about their chosen career, so why should a certificate be any different?

What People Are Saying

Add new comment

Is the CCNA training class

Submitted by Anonymous on September 17, 2007 - 2:02 P.M.

Is the CCNA training class offered by Microtrain very good? I want to go to a class to learn the material, not just to pass the exam.

Reply | Report this comment

This topic was already

Submitted by cyberteacher on July 31, 2007 - 10:25 A.M.

This topic was already discussed so many times on the Internet that we could write the book of blogs. However, every person's experience, some frustrations or achievements are worth to read and reply to for the benefits of other folks.
I have already participated in many forums and blogs talking about the value of certifications. You can read much more about it in my blog at http://securecyber.blogspot.com.
Having 13 years of teaching experience and some number of certifications, I can only say one thing: the actual hands-on/real-world-knowledge expertise will never be substituted by the certifications of any kind. I feel sick when I see that someone created a new certification in order to make a fortune on it (read my article written in 2002: http://www.rtek2000.com/Good/Why_we_have_to_fight_with_hypes.pdf)

The article also describes the problems that still exists in the IT market. The main problem is the low level of education and expertise of the HR's personnel. Until they will rely on those abbreviation letters after the last name, we will have the problem and unfulfilled expectations.

Reply | Report this comment

Value of Holding and

Submitted by Kewal Dhariwal on July 30, 2007 - 8:02 P.M.

Value of Holding and Maintaining a Professional Credential - www.iccp.org
Testing professionals in Business and the IT industry since 1973.

There are many credentials that provide excellent assessment of a person's skill set. A full assessment should provide a knowledge and skills gap analysis and provide details of both strengths and weaknesses.
This assists the exam taker, their supervisor and the HR department in planning professional development targeted to the identified weaknesses. Conversely as mentioned above there are significant salary improvements that result from achieving certification.

That however is not the only result, most certificands state clearly that they achieve much higher levels of confidence in their skillset, greater reputation with clients and peers in the industry. The sales opportunity that arises from having significant numbers of certified professionals is high. As a result, there is significant uptake of professional credentials by large organizations such as IBM, Infosys, Microsoft, R.L.Polk, and various government departments, the armed forces as well as a large number of academic institutions.

Some of the most popular ones are:
Certified Computing Professional, Certified Business Intelligence Professional, Certified Data Management Professional, Information Systems Professional, Associate Computing Professional.

New Credentials that are on the horizon are Certified Business Process Management Professional, Certified Services Oriented Architecture Professional. ICCP and it's partner the SOX Institute earlier this year released two major credentials in IT Compliance and IT Governance: www.itgg.org

For a HR managers, if you are interested in getting information on Skills Gap Analysis and onsite training and testing, contact the ICCP office: 1.800.843.8227 or office@iccp.org

http://scis.athabascau.ca/scis/staff/index.jsp?ct=kewald&sn=staff
Manager, ICCP Research Project
Athabasca University

Reply | Report this comment

Related Posts

Single tasking
Microsoft's Apple Store employee theft shocker!
How much would you pay Ballmer to run Microsoft?
Forget Snow Leopard: now Windows 7 is $30, or maybe $19

Today's Top Stories

Which IT projects are right for the cloud?
Five ways to lose your identity (and wallet) this holiday season
Ciena will pay $769M for Nortel's metro Ethernet business
Report: Microsoft may pay News Corp. to delist from Google
Intel: Don't look for one device to do it all
Top 5 Chrome OS myths debunked
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2009 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.