In many organizations, security is not the high-level priority it should be. This attitude is slowly changing because almost 100% of organizations are vulnerable to an internal or external security exposure. I read an article by Marie Larsen on CIO’ entitled "Data Center Security Breaches Are No Laughing Matter." Ms. Larsen discussed the value of security certification for staff and recommended that organizations take certifications more seriously, if only as a benchmark for ascertaining some sort of competency level. Referencing an Information Week article, data security seems to have been the laughing stock of the IT community this past year. In particular, many tech professionals have found the notion of undergoing specific certification in information protection to be a joke.

Although this article limited the discussion to security professionals, I am sitting on the fence with this one. Does certification of any kind (not just security) just mean you can pass a test? Is certification a true benchmark for knowledge? Or is it just adding a comfort level to the organization that the human resource has a defined level of knowledge?

What are your thoughts?

