I was dissapointed to learn that one particular large business in London has opted to stop considering job applicants who hold a CISSP certification. This, apparently, results from candidates who hold the certification failing to impress at interview. Unfortunately I can’t link to any references for this particular information however it originated in person from a senior authority within the industry.
With this being the case, it somewhat undermines at least two of the core objectives of the certifcation. The ISC2 website describes these as follows:
Benefits of Certification to the Professional
Demonstrates a working knowledge of information security Confirms commitment to profession Offers a career differentiator, with enhanced credibility and marketability Provides access to valuable resources, such as peer networking and idea exchange
So, is the certification still worthwhile making the effort for? Yes it is! There will always be a minority quick to rubbish the value of qualifications – unfortunately some of those individuals are going to be in positions of responsibility to the detriment of people working hard to get ahead in their careers.
I’m also not doubting that there are going to be some who have the qualification but don’t make good job candidates. That doesn’t diminish the value. It is what it is: a tough paper-based exam which demonstrates that an individual has knowledge. It is not a test of character or technical skill.
So, for those of you working and studying hard to achieve the CISSP, don’t be disheartened. There will always be a small number of cynical old sods out there ready to rubbish hard earnt qualifications.