[Owasp-ireland] CISSP

Jan P. Monsch jan.monsch at iplosion.com
Tue Aug 25 08:32:18 EDT 2009


Hi,

 

First of all I am not CISSP certified.

 

In my opinion CISSP is a two-edged sword. On one hand it is a great
opportunity to learn about a broad range of security topics while preparing
for the exam. However, on the other hand I consider CISSP (and other
certifications for that matter) as a large money making business for the
organization handing out the certifications. I also question the strategy of
ISC2 to advertise CISSP certification as a means to get USD 85'000 p.a.
salary (please do not quote me on that number). If earning more money for
all involved parties is THE selling point, I do not see how this should
result in well skilled workforce. I also think that CISSP alone does not
tell if somebody is really skilled or not and it cannot be a replacement for
a job interview and a critical appraisal of the applicant's industry
practice and references. A point which also worries me is the increasing
practice by some employers which use CISSP certified employees as a CYA
strategy.

 

Myself, I considered doing certifications but after having a closer look I
thought it is too expensive for what you get. That is the main reason why I
decided to pursue the M.Sc. degree at DCU. Although the range of topics is
probably not as broad as in CISSP and the course is very technical, you have
at least the chance to get your hands very dirty on a technical level.
Additionally, a M.Sc. degree does not expire.

 

These are my two cents.

 

Best regards,

Jan

 

 

  _____  

From: owasp-ireland-bounces at lists.owasp.org
[mailto:owasp-ireland-bounces at lists.owasp.org] On Behalf Of Eoin
Sent: Dienstag, 25. August 2009 11:07
To: owasp-ireland
Subject: [Owasp-ireland] CISSP

 

Hi,

Dave Lowry and myself were discussing the merits of having CISSP.

I believe it is useful from a credential perspective but does not imply
skill or aptitude for security in general.

 

May I ask who is CISSP and what do they think of its usefulness and
relevance?

 

BTW, every hour in attendance at the OWASP event on Sept 10th is worth one
CPE credit towards your CISSP or CISA.

 

Eoin

 

 

 


 


-- 
Eoin Keary CISSP CISA
https://www.owasp.org/index.php/OWASP_Ireland_AppSec_2009_Conference

OWASP Code Review Guide Lead Author
OWASP Ireland Chapter Lead
OWASP Global Committee Member (Industry)

http://asg.ie/
https://twitter.com/EoinKeary

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20090825/432e27f2/attachment.html 


More information about the Owasp-ireland mailing list