Security Management Strategies for the CIOAccess "Face-Off: Schneier and Ranum debate security certifications"
This article is part of the July 2006 issue of Exclusive: Security salary and careers guide
Bruce Schneier Point I've long been hostile to certifications--I've met too many bad security professionals with certifications and know many excellent security professionals without certifications. But, I've come to believe that, while certifications aren't perfect, they're a decent way for a security professional to learn some of the things he's going to know, and a potential employer to assess whether a job candidate has the security expertise he's going to need to know. What's changed? Both the job requirements and the certification programs. Anyone can invent a security system that he himself cannot break. I've said this so often that Cory Doctorow has named it "Schneier's Law": When someone hands you a security system and says, "I believe this is secure," the first thing you have to ask is, "Who the hell are you? Show me what you've broken to demonstrate that your assertion of the system's security means something." That kind of expertise can't be found in a certification. It's a combination of an innate feel for security, extensive knowledge of the ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
- What's a Hot Pick?
-
Calculate You IT Security Salary
Learn how to calculate your IT information security salary based on certifications, job and years of experience, company size and industry.
-
Document Review
Document Detective 2.0
- All In A Day's Work
-
The Right Stuff
SAVVY No two CISOs have the same background, but successful ones have similar skills.
- The XX Factor
-
What Are You Worth?
SALARY Six-figure security jobs have become common. Maybe you should slip this article into your boss's mailbox.
-
- 9 Habits of Highly Successful CISOs
-
Information security resume do's and don'ts
Get advice, and learn do's and don'ts for creating an information security technology or network security resume.
-
Hot Pick: Tenable offers solid vulnerability management
by Brent Huston, Contributing Writer
Product review: Tenable Network Security's Security Center 3.0 helps organizations throughout the vulnerability management lifecycle, from asset discovery to remediation.
-
Mobile Device Security
Mobile Guardian Enterprise Edition 5.1
-
Authentication: RSA SecurID Appliance 2.0
RSA SecurID Appliance 2.0
- Buy the Book
-
Moving On Up
SKILLS How do you rise in the security ranks? Don't speak geek; use the language of business.
-
Columns
-
Editor's Desk
Job Won
-
Face-Off: Schneier and Ranum debate security certifications
Are security certifications valuable?
-
Perspectives: Security success sometimes hinges on politics and personalities
The best infosecurity professionals are situationally aware and attuned to what is happening to them and their environment.
-
Ping: Robert Garigue
Robert Garigue
-
Editor's Desk
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...