So it seems that certifications are again in the press. This time over at SC Magazine. Last month, SC ran “Does testing matter?“. I say ran as opposed to ask, because really the article was a page long advertisement for the various certifications with most of the quotes being from the various organizations who sponsor them talking about how great they were. Though they do discuss some of the downsides, it comes across as an afterthought as opposed to a balanced discussion over whether they actually matter or not. Fortunately, we have folks like Martin McKeay and Rich Mogull with other viewpoints.
Six years ago or so, I got my CISSP and it has yet to make a difference to my career aside from getting one of those silly little ribbons for my badge at the RSA conference. Though at one point, my entire team had their CISSP certifications and it was great for taunting vendors. Neither really justifies the existence of the certification though.