Toolkit
Story: IT security industry 'to be professionalised'
Posted by: Anonymous (Wednesday 22 February 2006, 11:51 PM)
As another “latest" and "best ever" security certification hits the already saturated security certification space, one asks is it really needed. With vendor neutral certifications, not to mention the ubiquitous vendor ones already available one ask do we need another security certification, with all the requisite fees and CPEs to keep up with.
With ISC2 CISSP and ISACA CISA and now CISM well established, one must ask the rationale behinde The DTI’s and Cabinet Office’s support for yet another security certification, the form of IISP. Reading, what little material available so far on IISP, it does not seems to add anything over the aforementioned and established certificates. Being a CISSP of 4 years standing and having recently passed CISM, I only see IISP adding to confusion and undermining the existing hard earned designations.
Since Novell's CNA/E hit the certification market; accusations have been rife of vendors cynically using ever innovative and sometimes as a new and important income stream. It seems vendor neutral security certifications perhaps are also being used to generate nice little “earners” for the boys. Perhaps the people behind the IISP certification need to start by demonstrating Return On Security Investment (ROSI) for their existence. Until then I like many people will not be convinced that IISP will add anything to my existing skills and designations other than CPEs and FEES.
Full Talkback thread
Story: IT security industry 'to be professionalised'
-
It is my opinion that there are too many "professi... Chris Goodman -
This new group appears to be for those withou... K.C. -
Ahh yes, yet ANOTHER group trying to get on the 'W... Anonymous
-
As another “latest" and "best ever" security... Anonymous -
There is a professional body for IT in the UK... John Fowler
