OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Gregory Tucker (gregory_a_tucker@yahoo.com)
Date: Wed Jan 09 2002 - 02:11:05 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    I won't dare to make a comparison between SANS and ISC2. The real "value" of
    a certification is determined not by security professionals, but by the
    managers who sign the checks: HR recruiters, IT heads, etc. (I realize that
    below was talking about "reputation" not "value". Definitely they are
    different. Here I am talking about the latter, which is probably more
    interesting to most people.) So a meaningful discussion of the
    certifications value requires some sampling of how do the certifications
    affect salaries, and how do they affect consulting agreements, etc.

    The GIAC web site posts a link stating that employers prefer GIAC. I have
    not reviewed the information, but as a matter of course I would expect them
    to say that. I haven't reviewed what research is available on the subject,
    if any, but I think it is a very interesting question. A friend (who has the
    CISSP) swears by that certification, but he doesn't back it up. Probably a
    friend of his told him the CISSP is better. Without hard evidence of the
    affect on salary, it is hard to say. Therefore, if anyone has any
    interesting links on this subject, I would be very interested to see them
    posted on this list.

    But a purely "economically rational" view of any certification doesn't do
    complete justice to any of them. Some pursue certification for the joy of
    learning. Individuals may be naturally more talented in one area than
    another; an economically rational decision may be a poor choice for any
    given individual. For example, I will never be a successful American
    Football player. Pursuing a CAFE ("Certified American Football Expert")
    certification probably will do me no good.

    Regards,
    Greg

    Tom Watson wrote:

    > To me ISC2 has a better reputation than SANS for certifications. Whether
    > that is an accurate representation however I can't say, I suppose the only
    > way to find out is to ask other security professionals (preferably not on
    > this list!).
    >
    > HTH
    > Tom Watson
    >
    > P.S. The views expressed in this email are my own and do not necessarily
    > represent those of my employers.
    > 

    -- 
   Gregory Tucker
   Tokyo, Japan
   mailto:gregory_a_tucker@yahoo.com

       Our Father which art in Redmond, William be thy name...