Opinion: Do industry certifications matter?

Information Security, just as with most professions, has more than its fair share of debates. Some turn ugly fast, depending on who is doing the debating and what the topic is. I want to talk a little about certifications, and hopefully provide some insight into whether they really matter or not.

Personally, I think certification does matter and that it has value when properly managed by the governing body. The problem we run into is that certificates are often poorly managed and only used as a way to generate revenue. Too many times people who are not qualified take the tests and pass them, thus becoming certified. Of course, we also all know those who don’t hold a single certification, yet are seen as real “Rock Stars” of security and IT.

The question is: what matters to those who are hiring? What is it that the managers are really looking for when they scan through job applications? This is not about what Human Resources puts in a requirements list, or what the “industry” says is needed, but what really holds value to a company.

Now, at this point, many of you are going to say that it’s skills that really matter, not certifications. If that's true, then why are certifications often required? Why is so much value put on them, and why do more and more certifications appear every year?

Why do they matter? Why is it that so many companies require them? I don’t think the argument that certification “validates skills” holds water any longer. All too often you come across those who have gone to a boot camp, or crammed for a test and passed it, but really don’t understand the technology or whatever the certification is supposed to measure. This leaves you with a certified applicant who lacks the skills needed to back the certification up. This isn’t the fault of the individual, so much as it is of the governing body for allowing it to happen. Such bodies encourage it, chosing to focus on marketing the certification instead of ensuring there is real value to having it in the first place.

I look for several things when looking for someone to fill a role on my team, including job experience, personal experience, personality, character, ethics, certification, education, and skills (some are more important than others, depending on the role to be filled). I can also afford to bring in someone weak on skills when the rest of the team is strong. This gives the new person a chance to learn, the rest of the team a chance to mentor, and me a chance to help shape someone into a first class security professional.

Many people don’t take anything into account other than skills and/or certification. I think when that happens they're missing out on key qualities that can turn a good team into a great team and make the difference between a good employee and a great one.

Things like character, ethics, personality, and personal experience can really add value to a team. Not to mention that these things often tell us a little about what to expect when times get tough. Is that team member going to hold up well under pressure? Are they going to do the right thing when faced with an opportunity to be dishonest? Are they going to own up to their mistakes and shortcomings? Or are they going to make excuses and blame others? If you have a team full of people you can’t count on to “do the right thing” at the right time, then you have a team that will fail you.

Another thing that I look for in a team member is how they earned their certification. Did they work in the industry for a couple of years and then pursue it, or did they go to class and take a test with little or no experience? Maybe they don’t have the experience because of the old “can’t get a job without experience” catch-22. That isn’t such a big deal to me if, in the pursuit of their certification, they took the time to read and learn as opposed to rushing into it via boot camp. If they spent several months studying and talking to people in forums, industry affiliations, and practiced via CBT offerings and such, then that shows me they are interested in learning -- not just attaining certified status.

Something else that tells me a great deal about the person is the reason they chose a certain certification. Did they choose it because it was hot at that particular moment, or maybe because they thought it would get them a good deal more money? Have they considered their long term plans? How does this certification fit into those plans? It may not fit, and that is fine.

When it comes down to it, a certification alone means very little to me. How someone achieved it and what they have done with it tells me much more. I care more about who they are than what a piece of paper says about them.


Andy Willingham is the Information Security Officer with the Metropolitan Atlanta Rapid Transit Authority (MARTA). He has been in technology for over 12 years with the last seven focused on security. Willingham has a passion for security and, more importantly, making a difference in how security practitioners do their jobs and how the rest of the world views security.

You can read more of his writings on his blog at www.andyitguy.com.

[Note: This article is an updated opinion on the realities of certification in Information Security and IT as a whole. The original article is located here. The Tech Herald welcomes articles and opinion submissions on a limited basis. While not all will be published, each will be read and subject to use with citation at a future date. -- Steve Ragan, Security Editor]

Like this article? Please share on Facebook and give The Tech Herald a Like too!

From our Other Sites

Man Makes Tiny Edible Pancakes with Tiny Kitchen Tools (Video)

This Japanese guy cooks up some pancakes…nothing special there right? Well he uses tiny implements to do it and makes perfect little pancakes. Kinda cool and they look tasty!

What Color is this Dress?

White and Gold or Blue and Black?
Well this one has been trending all over the web, just what color is this dress? It all started in Scotland when the mother of a bride-to-be sent a picture to her daughter asking what she thought of the dress. The bride and groom each saw the image differently, this then got posted online and picked up by some viral sites. The lighting in photo is probably  causing different people to see it as either white and gold or blue and black. Prof Stephen Westland, chair of color science and technology at a University in the UK told the BBC that it was impossible to see what other people see but that it was most […]

McLaren 675LT Pictures

Some great shots of the forthcoming McLaren 675LT. This coupe will get you to 60mph in less than 2.9 second and go all the way to 205mph.

McLaren 675LT Details

McLaren’s 675LT will debut at this year’s Geneva show and promises some eye-popping performance. The coupe only 675LT has a 3.8 liter V8 that will get you from 0-60mph in less than 2.9 seconds and to 124mph in less than 7.9 secondsMore than a third of the parts have been changed compared with its stable mate […]

McLaren 675LT Wallpaper

Some cool McLaren 675LT Wallpaper. The McLaren 675LT is the latest coupe to come from the supercar maker and has a top speed of 205mph.Click on an image to open a page with multiple sizes that you can download to use as wallpaper for your mobile or desktop.More McLaren Wallpaper.

Octopus hunts on land, grabs crab (Video)

This crab is minding its own business searching the rock pools for food when suddenly an octopus leaps out of the water and grabs it. The amazing thing is that the octopus does not just jump on the crab it actually pulls it all the way back to the rock pool it came from. If you check the second video you will see it is not unknown for octopus to come out of the water and the one in the second video has a crab with it, though is not hunting one! Octopus Walks on Land at Fitzgerald Marine Reserve The video was taken by Porsche Indrisie in Yallingup, Western […]

Stunning Mars Rover Selfie

This image by the Curiosity Mars rover is not exactly your typical selfie. It is made up of a bunch of images taken by the rover during January 2015 by the Mars Hand Lens Imager. This (MAHLI) camera is at the end of the robot’s arm. For a sense of scale the rover’s wheels are about 20 inches diameter and 16 inches wide. Check the annotated image below for more information on the surroundings. Also if you really want to see some detail click this very large image, 36mb, at NASA.  

How the Sahara Helps Feed the Amazon (Video)

Sahara to Amazon
This cool video from NASA shows how dust is transferred across the Atlantic to the Amazon rainforest and helps nourish the plants growing there. For the first time scientists have measured the amount of dust and the amount of phosphorus in the dust. The later acts like a fertiliser and helps replenish the phosphorus the rainforest loses each year, around 22,000 tons. Amazing how something we perceive as being desolate like a desert actually has an important role in sustaining somewhere we see as teeming with life. Image and video from NASA’s Goddard Space Flight Center.

Bouncing Laser Guided Bomb (Video)

This amazing video shows a laser guided bomb bouncing back up after hitting its target. We actually think this is a non-explosive bomb designed to test guidance systems but it is still pretty remarkable and somewhat scary.

South Koreans Swallowed by Sinkhole (Video)

Thankfully the couple survived their adventure.
This amazing footage taken from the CCTV on a passing bus shows the moment two pedestrians in South Korea fall down a sinkhole in the street! Rescue workers managed to save the pair, who were treated in a nearby hospital for minor injuries. According to reports the city authorities and the Korean Geotechnical Society are looking into the cause.