RE: CISSP-ISSMP

From: Levenglick, Jeff (JLevenglick@fhlbatl.com)
Date: Mon May 08 2006 - 10:48:57 EDT

• Next message: Ron Nelson: "Re: HTTP request working via hostname but not via IP address"
• Previous message: Roelof Temmingh: "Re: Sensepost Wikto vs E-Or"
• Maybe in reply to: Mohamed Abdel Kader: "CISSP-ISSMP"
• Next in thread: Nathaniel Hirsch: "Re: CISSP-ISSMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This always comes up. I'm glad that someone finally wrote an article.

Why IT Certs Don't Add Up
 http://www.eweek.com/article2/0,1895,1957242,00.asp

As IT Certifications Devalue, Vendors Up the Ante
http://www.eweek.com/article2/0,1895,1956636,00.asp

Study Shows Downside of IT Certification
http://www.eweek.com/article2/0,1895,1954198,00.asp

"Pay for non-certified skills grew nearly 70 percent more than
certifications, or 4.4 percent versus 2.6 percent respectively.

Among "cooling" certified tech skills, those that have lost their value
in the last year, the study lists nine, including MCDST (Microsoft
Certified Desktop Support Technician), CISA (Certified Information
Systems Auditor), and three Novell certifications (NCDE, MCNE, and CNA).


Fourteen certifications have grown in value, showing an 11 percent or
higher growth over the last year, including SCNP (Security Certified
Network Professional), CISM (Certified Information Security Manager) and
MCT (Microsoft Certified Trainer). "


Why?

Simple:

1) Too many people. Unlike Cisco, Microsoft and others realized that
they can make a lot more money by making the
tests a little easier. Funny how everybody now has letters? Did you
notice how many study books are out there? (And how they
all are alike?)

2) A cert is not the same or will ever be the same as a B.S. and MBA.
Too many people have chips on their shoulders. Depending on
your area, if there are too many 'cert' people, then companies will
frown upon the person who is asking for more money because they
have certs.

Roi..ect is hard to define. The 'best' case is that you work for a
company that pays for it. Advancement? If you have a B.S. or MBA
then you will advance quicker with your CISSP then if you did not have a
degree. (Plus on the job experience)

Raise potential? Depends on the company. If the company is doing crappy,
then so will you.

It sounds like your are just starting out? If so, you have a long way to
go.
PLUS...

ISC requires:

4 years + experience in security. (3 with a BS or 1 with a masters)
Your resume. (they reserve the right to audit you)
Sponsorship from another CISSP.



-----Original Message-----
From: Mohamed Abdel Kader [mailto:makster12@hotmail.com]
Sent: Monday, May 08, 2006 05:27 AM
To: pen-test@securityfocus.com
Subject: CISSP-ISSMP

Hi all,
I was wondering if anyone out there did the CISSP-ISSMP concentration.
I want to know the value added in the areas listed below, in an out of
10 scale for example:
 
    Total ROI
    Career Advancement
    Industry Demand
    Raise Potential
 
    Suitable for what job/position (not an out of 10 answer of course
:))
 
I also want to know the material to study from.
 
Thanks a million.
MAK

------------------------------------------------------------------------
------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the
Analyst's Choice Award from eWeek. As attacks through web applications
continue to rise, you need to proactively protect your applications from
hackers. Cenzic has the most comprehensive solutions to meet your
application security penetration testing and vulnerability management
needs. You have an option to go with a managed service (Cenzic
ClickToSecure) or an enterprise software (Cenzic Hailstorm). Download
FREE whitepaper on how a managed service can help you:
http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm
your results from other product. Contact us at request@cenzic.com for
details.
------------------------------------------------------------------------
------



-----------------------------------------
This e-mail message is private and may contain confidential or
privileged information.

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

• Next message: Ron Nelson: "Re: HTTP request working via hostname but not via IP address"
• Previous message: Roelof Temmingh: "Re: Sensepost Wikto vs E-Or"
• Maybe in reply to: Mohamed Abdel Kader: "CISSP-ISSMP"
• Next in thread: Nathaniel Hirsch: "Re: CISSP-ISSMP"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:55 EDT