Pro+ Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
July 2006

Face-Off: Schneier and Ranum debate security certifications

Bruce Schneier Point I've long been hostile to certifications--I've met too many bad security professionals with certifications and know many excellent security professionals without certifications. But, I've come to believe that, while certifications aren't perfect, they're a decent way for a security professional to learn some of the things he's going to know, and a potential employer to assess whether a job candidate has the security expertise he's going to need to know. What's changed? Both the job requirements and the certification programs. Anyone can invent a security system that he himself cannot break. I've said this so often that Cory Doctorow has named it "Schneier's Law": When someone hands you a security system and says, "I believe this is secure," the first thing you have to ask is, "Who the hell are you? Show me what you've broken to demonstrate that your assertion of the system's security means something." That kind of expertise can't be found in a certification. It's a combination of an innate feel for security,...

Access this Pro+ Content for Free!

By submitting you agree to recieve email from TechTarget and its partners. If you reside outside of the United States you consent to having your personal data transferred and processed in the United States. Privacy Policy

Features in this issue

  • What Are You Worth?

    SALARY Six-figure security jobs have become common. Maybe you should slip this article into your boss's mailbox.

  • Moving On Up

    SKILLS How do you rise in the security ranks? Don't speak geek; use the language of business.

Columns in this issue

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

-ADS BY GOOGLE

Close