CAT – “Enough About Certifications- Show Me The Data!”

February 22, 2011

Dear Infosecleader Readers:

This week’s Career Advice Tuesday is going to serve as a formal announcement for our recently launched InfoSecLeaders Certification Survey.

Over the past two years as we have been answering questions, giving career centric presentations, writing articles, and doing podcasts, the one topic that just will not go away is “The Value of Certifications.”  

Many information security professionals have different views on the topic – some are completely anti-certification and some will do anything in their power to acquire more letters to place after their names.  Some hiring managers look at certifications as validation of skill, where some hiring managers completely overlook certifications, and focus solely on work experience and formal education.

Plain and simple, we thought it was about time to collect some heterogeneous data on this topic, to provide some real information to the information security community, on how you, the Information Security Professional feel about Certifications.

As always our survey is open to all information security professionals and is hosted on Surveymonkey.   Anyone who responds to the survey will have the ability to receive the final results when they are released, by submitting an e-mail address.  As always, the e-mail address is unrelated to the data that has been inserted – so your responses are not linked – the survey is anonymous.

Some other facts about the survey:

Participants – The survey is open to all Information Security Professionals.  Whether you hold security certifications or do not, your opinions are welcomed and appreciated.

Time Frame: The survey was launched at RSA , and will run until around July 1.

Duration – Probably about 10 minutes to complete

Survey Topics – Background, Are You Certified, Opinions and  Motivations for Certification,  Certifications as Career Investments, Certifications and the Hiring Process, Value of Certifications in Comparison to other Skills

Results - We are planning to announce the results around the time of Black Hat and DefCon.  We will submit a presentation to both conferences about the results.

Sponsorship -As always, none.  This survey is not sponsored by any one trade organization, magazine, membership organization, or product/services venue.   This is the creation of Infosecleaders.

Promotion - We will be promoting the survey by all means necessary in attempts to collect the most number of responses.   We will agree to any and all interview and pod cast requests.  We will promote this on our blog, mailing lists,  our Twitter feed, social media, mailing lists, or any other related forms.  We will enlist the help of all career minded security media partners to help create awareness.

In addition, we will be reaching out to all major industry associations, membership groups, and certification bodies to promote the survey to their memberships.   We are hopeful that they will support this research effort – however it is our experience that most (definitely not all)  will elect  not do so, unless they have control.  (One of the reasons behind our desire to create the survey) Nonetheless, we will ask them. 

We Need Your Help:   Our goal is to receive as many responses as possible – in order to do this, we need your help.  Please introduce the survey to any information security professional who has an opinion on this topic.   Feel free to publicize this on any mailing list, blog, industry group, or social media outlet that you believe would be relevent.    We trust you!


At the RSA Conference, ISC2 announced their sponsored global workforce study (by Frost and Sullivan),  and they had over 10,000  (10,413 to be exact) respondents (which is significant).  72% were ISC2 members, while 28% were non-members.  However, I think that as a broader community, and with  a strong grass roots effort,  we (collectively) can do better.  

10,000 respondents would be a lofty goal, considering our lack of financial resources, however we are willing to bet that as a community we can rival this. 

It will be interesting to see if the data collected and attitudes reflected in this heterogenous survey would be consistent with some of the data collected in the ISC2 sponsored survey

The questions are thought provoking  and may border on controversial.    When the results are published, we are hopeful that we can share the attitudes of the community – and either reinforce the current state, or  inspire some meaningful change around this topic.

As always, the data will reign supreme.

Thanks for your help,

Lee and Mike

Posted by lee | Filed Under Behavior, Career Advice Tuesday, Personal, Planning, Security Industry, Skills 


Comments are closed.