What is cyber security certification worth?

This situation illustrates the challenge we all face in identifying qualified candidates.

Advertisements

There have been a lot of interesting reactions to the Equifax data breach. One of the most interesting for me is the criticism of the Equifax CISO’s lack of technical or cyber security education. She does have Bachelor’s and Master’s degrees in music composition as well as a resume that shows a work history at several companies also in the finance industry. This situation illustrates the challenge we all face in identifying qualified candidates.

It is only recently that Information Security degrees have become available from universities. Most people rely on “certifications” to vet qualified candidates. The Certified Information Systems Security Professional (CISSP), Global Information Assurance Certification (GIAC), Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) certifications are common in cyber Security job descriptions. But what is the true value of such certifications?

Certifications are issued by for-profit companies whose business model is to generate revenue by issuing certificates. On the one hand, they need to ensure a minimum “quality” of their certification holders so potential customers value the brand and are willing to pay the certification fees. On the other hand, they are encouraged to sign up as many customers as possible so the “quality bar” cannot be set too high. Once a certification brand is valued enough, there develops an education system to assist candidates to achieve the certification. You will often see “Boot Camps” that promise to fill your mind with all of the knowledge to pass the certification exam in one week. I think we can all agree that one week is insufficient to develop competency in any discipline.

For more to continue http://snip.ly/reins

Author: compliance4all

Compliance4All, the ultimate continuing professional education provider offers you regulatory and compliance trainings from the industry's leading experts, but with one crucial difference -the cost. Compliance4All's objective is to be a platform that provides regulatory and compliance trainings with all the class and features that come with these trainings, at a lower price. Compliance4All seeks to make regulatory and compliance trainings low-hanging fruits. Industries We Focus On: • Trade & Logistics • Aerospace Defense • Banking & Insurance • Food & Beverages • Auditing/Accounting & Tax • Energy • Environment • Education • Automotive Transport • Science and Technology • Government • Construction • Electronics & Semiconductor • Operation • Engineering/Science • Purchasing & Vendor Relation • General counsel/Accountant • Geology & Mining • Documentation/Records

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s