Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Gregory Tucker (firstname.lastname@example.org)
Date: Wed Jan 09 2002 - 02:11:05 CST
I won't dare to make a comparison between SANS and ISC2. The real "value" of
a certification is determined not by security professionals, but by the
managers who sign the checks: HR recruiters, IT heads, etc. (I realize that
below was talking about "reputation" not "value". Definitely they are
different. Here I am talking about the latter, which is probably more
interesting to most people.) So a meaningful discussion of the
certifications value requires some sampling of how do the certifications
affect salaries, and how do they affect consulting agreements, etc.
The GIAC web site posts a link stating that employers prefer GIAC. I have
not reviewed the information, but as a matter of course I would expect them
to say that. I haven't reviewed what research is available on the subject,
if any, but I think it is a very interesting question. A friend (who has the
CISSP) swears by that certification, but he doesn't back it up. Probably a
friend of his told him the CISSP is better. Without hard evidence of the
affect on salary, it is hard to say. Therefore, if anyone has any
interesting links on this subject, I would be very interested to see them
posted on this list.
But a purely "economically rational" view of any certification doesn't do
complete justice to any of them. Some pursue certification for the joy of
learning. Individuals may be naturally more talented in one area than
another; an economically rational decision may be a poor choice for any
given individual. For example, I will never be a successful American
Football player. Pursuing a CAFE ("Certified American Football Expert")
certification probably will do me no good.
Tom Watson wrote:
> To me ISC2 has a better reputation than SANS for certifications. Whether
> that is an accurate representation however I can't say, I suppose the only
> way to find out is to ask other security professionals (preferably not on
> this list!).
> Tom Watson
> P.S. The views expressed in this email are my own and do not necessarily
> represent those of my employers.
-- Gregory Tucker Tokyo, Japan mailto:email@example.com
Our Father which art in Redmond, William be thy name...