Re: University degrees on IT-Security

Andrew MacBrien (MacBrienA@Radium-VS1.Hanscom.AF.MIL)
Fri, 28 Oct 94 9:28:15 EDT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jim Truitt: "FYI: Re: University degrees on 'IT-security'"
Previous message: Jim Truitt: "FYI: CISSP Certification?"
Maybe in reply to: Guenther Pernul: "University degrees on IT-Security"
Next in thread: Guenther Pernul: "Re: University degrees on IT-Security"

Oh,no! Not CSEs!

As a former Certified TEMPEST Professional Level II and having been through 
most of the Novell CNE process, let me weigh in on this.

In the first couple of go-rounds, the certification process does what most 
people think it should, that is, validate the experience and, to a lesser 
degree, the competence of the participants involved.

Managers and decision-makers, who love to manage and decide things but don't 
really care all that much about thinking, will latch onto the certificate as 
the only thing that matters. You can have experience and knowledge up the 
wazoo, but if you don't have the ticket, you won't even be considered.

Two things will then happen: Wanna-bes will try to find a way to pass the test 
without paying their dues, and some bright entrepenuer will develop a course 
that will help them achieve that goal. In the end, the exact opposite of the 
desired goal will come to pass.

Been there, done that. IMHO CSE=a Bad Thing(tm).

So there.


---------------------------------------------------
Andy MacBrien - Speaking for himself.
MIS Security Analyst, Computer Sciences Corporation
ESC/SCXM, Hanscom AFB, MA
Internet:MacBrienA@Radium-vs1.hanscom.af.mil
--------------------------------------------------- 
-------------
Original Text
>From Jim Truitt <jtruitt@dw3f.ess.harris.com>, on 10/28/94 09:06:
Hi,

	This thread is probably out of place, but since the subject has
already been broached:

	I think there is movement towards "certified" engineers (e.g. CNE).

	Locally we have been talking about a need for CSEs (Certified
Security Engineers).

	I think this interest in Computer Security curriculums at the
university level may be in response to pressure from the government (as
a customer for computer systems with increased requirements for
security) to certify and accredit their systems.

	I think it's a good move.

	I would be interested in thoughts on this topic.

Is there a need for CSEs?
How would the certification be done?
Would the certification be general (security concepts) or specific
(kerberos certified)?

	and the like.

Thanks
Jim Truitt

Next message: Jim Truitt: "FYI: Re: University degrees on 'IT-security'"
Previous message: Jim Truitt: "FYI: CISSP Certification?"
Maybe in reply to: Guenther Pernul: "University degrees on IT-Security"
Next in thread: Guenther Pernul: "Re: University degrees on IT-Security"