I found this article through a friend of a friend, and he makes the best rationalization for having a CISSP behind your name.

I think the one fatal flaw in this logic is that in order to get a CISSP, you have to have worked in the industry for 3-4 years (depending on if you have a degree or not), so using the CISSP for a “basic knowledge” benchmark doens’t always work. Someone has to take the chance on those kids right out of school or just getting into securty work before they can even attempt the exam. Perhaps if there was a “pre” CISSP, similar to the EIT exam mentioned in the article. Or make the CISSP available to individuals without the experience, and one of the specialization exams after 3-4 years of experience.

I’m still of the opinion that it’s a money making racket (~$500 for the exam and at least $85/year, not counting paying to get the CPEs).

And, yes, I have a CISSP.

This entry was posted on Monday, July 3rd, 2006 at 2:37 pm by Laura Raderman and is filed under general. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.