Comments on: Certification Shmertification

By: Peter

Peter — Sat, 14 Oct 2006 13:03:22 +0000

I’ve been an MCSD since 2000, and it really hasn’t made a difference getting jobs, and only helps out when the company is looking to get/keep their MS Partner program benefits.
My current employer is bidding on a huge government RFP, and some of the key security staff will have to have CISSP among other certs.

By: Arthur

Arthur — Sat, 14 Oct 2006 08:14:58 +0000

Alexandre, As Lazarus points out, the answer is almost always money. The sad thing is that SANS/GIAC had a certification that required a written practical exam. Unfortunately, they got rid of that requirement, austensibly for flexibility, but I suspect people were complaining that it was too hard given the 80% failure rate, GIAC was seeing. Don Parker and Richard Bejtlich in particular were unamused at this change. See CertCities for their interview with the Peter Northcutt for the marketing aspects. Speaking of marketing, for a good laugh read GIAC's Does Certification Matter?

By: Lazarus Long

Lazarus Long — Fri, 13 Oct 2006 19:19:50 +0000

Whenever a question starts with “why don’t they,” the answer is almost always money.

By: Alexandre Carmel-Veilleux

Alexandre Carmel-Veilleux — Fri, 13 Oct 2006 18:42:54 +0000

With few exceptions (Cisco’s CCIE comes to mind) I don’t get impressed much by certifications. Take any three serious computer geeks and combined I’m convince they can pass just about any multiple choice exams you throw at them in most of these certifications. Some are better, but they quickly devolve to cram sessions and postnominials on business cards.
Why don’t more certifications take the practical approach and add lab components where relevant to their market? Either that or an open ended thesis-and-defence if hands-on labs are not relevant (e.g.: CISSP or any other industry-wide cert.) Of course, it’s quite a bit more work scoring these then a multiple choice exam.

By: Anonymous

Anonymous — Fri, 13 Oct 2006 13:03:53 +0000

Nah, it doesn’t really, I just thought it would be funny to say.

By: Adam

Adam — Thu, 12 Oct 2006 23:11:46 +0000

I’m fucking mortified. We get hits for CISSP?

By: Anonymous

Anonymous — Thu, 12 Oct 2006 19:38:01 +0000

Maybe it helps drive traffic to your blog. I did a search for CISSP and your site popped up.

By: sama

sama — Thu, 12 Oct 2006 15:07:51 +0000

Certifications generally show that you memorized well for an exam. I suppose that’s worth something, but it sure doesn’t mean you know what you’re doing. There are plenty of lousy lawyers and CPA’s whose existence is proof of that, never mind IT certifications.