Kerry Thompson just posted a solid article exploring the pros and cons of getting a CISSP (Certified Information Systems Security Professional) certification. The CISSP curriculum is demanding, that’s for sure; Thompson presents some good arguments both pro and con. (His final take: if you want more money, get an MCSE or CCNA :))
At the beginning of the year, I decided that I wanted to pursue getting my CISSP. I don’t need one for the work that I do, because I’m not primarily a security consultant. That’s what’s stopped me from pursuing my masters’ degree in computer science: the likely payoff isn’t worth the expenditure of time, effort, and money. However, the CISSP is becoming increasingly important as a way to separate people who have made a serious effort to strengthen their security knowledge and skills from the posers in the industry (who abound). I also think it would be interesting and challenging. Unfortunately, my workload so far this year has prevented me from taking the time to study; more precisely, my desire to maintain a happy home life instead of hitting the books for several hours each night is to blame. Maybe once this next round of projects finishes…
Paul's Down-Home Page 