I do not think this was soley about money. Looking at the number of
students vs. the number of certifications handed out for GIAC, something
is wrong. The practical (while an excellent idea) has become bloated to
the point they are more a determination of stubbornness rather than
knowledge. GIAC's primary goal is to increase the security knowledge.
Did the practical increase the knowledge of individuals who attempted
it? Probably. Is this the best method to increase their knowledge?
Probably not.
GIAC is in a transition. I don't think this will be a paper cert. Will
more people attempt and gain GIAC certification? I hope so. Will this
dilute the cert? Mayber, but it also could have the opposite effect.
Because there are so few GIAC certified secrity professionals, the
certification does not have the same visibility outside the security
world as other certifications. CISSP is a great example. How can GIAC
gain this visibility. One way is to get qualified people to attempt the
certification process. Writing is not something most IT professionals
have high on their "Fun things I like to do list." There has to be a
better way. A multiple choice test might not be the answer, but there
are other alternative. A test where the canidate is given a senario and
must base his answers on the given senario might be a better way to test
a person's knowledge.
Just my $.02
Dennis
-----Original Message-----
From: Aman Raheja [mailto:araheja@techquotes.com]
Sent: Wednesday, March 23, 2005 12:33 PM
To: security-basics@securityfocus.com
Subject: Re: GIAC Dilution
I would really like this topic to be more flooded with opinions.
It is indeed sad that this exam organizer (corp) has decided to make
more money rather than give certification to people who really deserve.
I was planning to take this exam as well. I am not sure, if this is
going to be equivalent to a Securoty+ now, which is cheaper and probably
would have the same market value - both being only exam based certs.
My next step would be CISSP but that's a way to go, though I already
have enough experience to take that exam.
Nevertheless, some one mentioned that GIAC is going to drop pricing. Any
pointers to that ?
Thanks
Aman Raheja
http://www.techquotes.com
adeel hussain wrote:
Hello Everyone,
I agree with you all in regards to the certification loosing it's
prestige and meaning. I do think that the certification will still
have some meaning as a representation of security knowledge just not
waht it once was.
As I understand it there will no longer be a option to complete the
practical so all certs from this point on will be exam only. The
distinction between the exam only and practical versions will be
unknown to the general masses and will even blur over time with those
that currently know the difference.
I think GIAC, and possibly SANS, will have to drop there prices a bit
to reflect the reduced value of the cert. I for one was working on a
practical prior to signing up for the certification attempt. That
practical will no longer be required and the work will go to waste.
Perhaps I will publish it anyway in addition to applying it's message
to my organization.
Having said that I do plan on attaining the GSEC. If they drop the
prices I may go for more certs before people catch on that the value
has depreciated. As was stated previously "ride the wave".
The time of the seasoned proffesional is now behind us..... roll on
the paper GIAC certs
Adeel
