[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Training & Certifications

To: keydet89@xxxxxxxxx, exibar@xxxxxxxxxxx
Subject: Re: [Full-Disclosure] Training & Certifications
From: "Robert Repp" <robertrepp@xxxxxxxxxxx>
Date: Fri, 02 Apr 2004 17:33:40 -0600

Harlan,

What we're doing is porting customers from consultancy by one person to a new, larger business owned by that person as a growth move. We're "inheriting" three small (~150 seat) corporations and a handful of small (~5-25 seat) office businesses. Almost every customer has had some issue with either trojans, hacking attempts, or DoS. As we go through the sales process, we're being asked often about all of these.

As a salesman, I'd like to be able to point out a credible authority whose training informs our work. As a technician, I'm interested in making sure our team can get actually useful training. I agree that the right people and skillset is much more important than simply having the right certs on the lobby wall. Side question: Is there a reliable test you favor when interviewing new techs about network administration?

This list seemed like the place to ask about widely respected security authorities, since anything obviously fake or useless tends to be quickly engulfed in flames.

Thanks,
Rob

From: Harlan Carvey <keydet89@xxxxxxxxx>
To: Exibar <exibar@xxxxxxxxxxx>, Robert Repp <robertrepp@xxxxxxxxxxx>
CC: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Training & Certifications
Date: Fri, 2 Apr 2004 13:31:29 -0800 (PST)


> Without the experience behind the cert, any and all
> certs aren't even worth the paper they're printed
on.

This is true, and I couldn't agree more.  However, the
thing about certs is that they have to be measureable
and repeatable...which, when one becomes popular, very
quickly leads to bootcamps, etc.  There a lot of folks
w/ the necessary experience...but even that doesn't
make a "qualified" security professional.

> With that said, the most notable Security
> cert would have to be CISSP.

The CISSP may be useful for Robert's upper-level
folks, but it's really more of a management level
cert.  For what Robert seems to want to do, I wouldn't
think that any certs would be necessary...after all,
are small businesses really going to want to pay the
higher price for folks w/ high-level certs?

Robert, saying you want to set up a security
consultancy for small businesses, what kind of
services do you plan to offer?  Maybe that would help
your decision regarding certifications.  It might be
advisable to look for folks w/ MCSEs, Red Hat
cert...whatever os's you're going to support.

Hope that helps a bit...

Harlan

_________________________________________________________________ Persistent heartburn? Check out Digestive Health & Wellness for information and advice. http://gerd.msn.com/default.asp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Training & Certifications
  - From: Harlan Carvey
- RE: [inbox] Re: [Full-Disclosure] Training & Certifications
  - From: Curt Purdy

Prev by Date: Re: [Full-Disclosure] FD should block attachments
Next by Date: Re: [Full-Disclosure] FD should block attachments
Previous by thread: RE: [inbox] Re: [Full-Disclosure] Training & Certifications
Next by thread: Re: [Full-Disclosure] Training & Certifications
Index(es):
- Date
- Thread