More on security certifications
by Anton Chuvakin
In his ever-insightful piece "CISSP: Any Value?" (referenced above), Richard Bejtlich says "I think the root of the problem is the concept that the CISSP somehow measures technical competence. The CISSP in no way measures technical skills. Rather, it should measure knowledge of security principles. It does not meet that goal, either." Read the whole article and the discussion that follows it on his blog!