[Owasp-ireland] CISSP

Brian O'Toole brianotoole at gmail.com
Tue Aug 25 08:57:48 EDT 2009


Hi Jan,

I think, while it is certaily true that your M.Sc. won't expire in the same
way that a CISSP will, you still need to work at it after you graduate to
keep your knowledge relevant. This is what the CPE's try to force you to do,
although how effective they are is up for debate.

That said, you're not going to have to pay DCU $85 every year to be able say
that you have the degree.

Brian

2009/8/25 Jan P. Monsch <jan.monsch at iplosion.com>

>  Hi,
>
>
>
> First of all I am not CISSP certified.
>
>
>
> In my opinion CISSP is a two-edged sword. On one hand it is a great
> opportunity to learn about a broad range of security topics while preparing
> for the exam. However, on the other hand I consider CISSP (and other
> certifications for that matter) as a large money making business for the
> organization handing out the certifications. I also question the strategy of
> ISC2 to advertise CISSP certification as a means to get USD 85'000 p.a.
> salary (please do not quote me on that number). If earning more money for
> all involved parties is THE selling point, I do not see how this should
> result in well skilled workforce. I also think that CISSP alone does not
> tell if somebody is really skilled or not and it cannot be a replacement for
> a job interview and a critical appraisal of the applicant's industry
> practice and references. A point which also worries me is the increasing
> practice by some employers which use CISSP certified employees as a CYA
> strategy.
>
>
>
> Myself, I considered doing certifications but after having a closer look I
> thought it is too expensive for what you get. That is the main reason why I
> decided to pursue the M.Sc. degree at DCU. Although the range of topics is
> probably not as broad as in CISSP and the course is very technical, you have
> at least the chance to get your hands very dirty on a technical level.
> Additionally, a M.Sc. degree does not expire.
>
>
>
> These are my two cents.
>
>
>
> Best regards,
>
> Jan
>
>
>
>
>  ------------------------------
>
> *From:* owasp-ireland-bounces at lists.owasp.org [mailto:
> owasp-ireland-bounces at lists.owasp.org] *On Behalf Of *Eoin
> *Sent:* Dienstag, 25. August 2009 11:07
> *To:* owasp-ireland
> *Subject:* [Owasp-ireland] CISSP
>
>
>
> Hi,
>
> Dave Lowry and myself were discussing the merits of having CISSP.
>
> I believe it is useful from a credential perspective but does not imply
> skill or aptitude for security in general.
>
>
>
> May I ask who is CISSP and what do they think of its usefulness and
> relevance?
>
>
>
> BTW, every hour in attendance at the OWASP event on Sept 10th is worth one
> CPE credit towards your CISSP or CISA.
>
>
>
> Eoin
>
>
>
>
>
>
>
>
>
>
>
> --
> Eoin Keary CISSP CISA
> https://www.owasp.org/index.php/OWASP_Ireland_AppSec_2009_Conference
>
> OWASP Code Review Guide Lead Author
> OWASP Ireland Chapter Lead
> OWASP Global Committee Member (Industry)
>
> http://asg.ie/
> https://twitter.com/EoinKeary
>
> _______________________________________________
> Owasp-ireland mailing list
> Owasp-ireland at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-ireland
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-ireland/attachments/20090825/8173db0b/attachment.html 


More information about the Owasp-ireland mailing list