unix_fan wrote: [snippy]
> Ob CISSP: Since I'm dealing with Enterprise Security and Federal > agency mandates, I deal with a lot of people with CISSP on their > signature lines. I've genrally resisted the siren song of certs for > most of my career, but I'm thinking the CISSP is not something to > resist - someone might take my recommendations with higher salt > dosing if they don't see me sporting a CISSP title. I do not personally hold a CISSP, but I've paid for others to have them, where others were people who had better ability in sitting still and behaving for the several hours the test takes. As anyone who knows me can attest, I do not. A CISSP is going to give you more authority, for those people who don't already know you well. It shows that you have a certain amount of formal knowledge, and implies that you hold to a code of ethics. It is de rigeur in certain circles. Your company should be willing to pay for the test, and perhaps for the classes (speaking of another thing I never had the patience for). > To the other CISSP holders: Have you encountered any difficulty > maintaining the CISSP or are the average 40 hours/year of formal > continuing education not that big a burden for you? I would say that the 40 hours a year is a large burden if you specific function just includes security, rather than being the entire focus of your day. I recall SANS qualifying, various USENIX classes qualifying, and conferences such as Defcon and Layerone not qualifying (which they should not, IMNSHO). I used to teach a yearly brush up on computer and network security *just* to help with that requirement (and because it entertained me to do so). -- It's bad civic hygiene to build technologies that could someday be used to facilitate a police state. No matter what the eavesdroppers and censors say, these systems put us all at greater risk. (Bruce Schneier) _______________________________________________ Discuss mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/discuss This list provided by the League of Professional System Administrators http://lopsa.org/
