Lazy Man’s Load: Credentialing and Education That Never Fails

John McCumber

John McCumber is a cybersecurity executive, retired US Air Force officer, and former Cryptologic Fellow of the National Security Agency. In addition to his professional activities, John is a former Professorial Lecturer in Information Security at The George Washington University in Washington, DC and is currently a technical editor and columnist for Security Technology Executive magazine. John is the author of the textbook Assessing and Managing Security Risk in IT Systems: a Structured Methodology

Related Post Roulette

4 Responses

  1. Oscar Gordon
    Ignored
    says:

    I wonder how many other “difficult to fill” careers in the US follow this same path.Report

  2. Michael Cain
    Ignored
    says:

    Showing my age and naivete, if I were putting two years into it, I would expect that yes, I could pass the certification. I would also expect that I would know why those were the right answers, what the inferior alternatives were, and conditions under which those alternatives might be a better solution. Or as I used to put it, “We learn theory because theory is what tells us where the ice is thin.”Report

  3. Saul Degraw
    Ignored
    says:

    I think a lot of this (like many other things) can be boiled down to “You can’t have it both ways but both ways is the only way I want it.” This mantra can be found among all people, all businesses, and all ideologies.

    1. In the early days of any field, it seems easy for people to teach themselves something and succeed or get very unofficial certification. My uncle was never formally educated in computer science (his field was linguistic) but in the mid to late 1970s, PacBell just wanted people who could code regardless of background.

    2. When a field gets established enough, it starts to formalize. I know people who went from the arts to computer software via coding academies and found good-paying jobs but a lot of places just want a CS major outright.

    3. Human resources departments will do all sorts of abuse to justify being able to go abroad for a candidate*, this includes asking for five years of experience in a programming language that has existed for three years.

    4. No one really wants to compromise to prevent these abuses. Libertarians and conservatives do not want to crack down on business/capital with government regulation and enforcement and my side does not quite want to admit that credentialing has gotten out of hands. No one wants to bring back apprenticeships especially large corporations.

    5. The status quo continues.

    *I’m all for open borders but the more likely solution is to come after HR for doing things like this and making sure it hurts.Report

    • Oscar Gordon in reply to Saul Degraw
      Ignored
      says:

      Regarding HR gaming requirements – The complaint regarding regulation is that writing a regulation to prevent this needs to be very narrow. Do you stop all bad postings, or is this only enforced if a company is pushing for a candidate abroad? How do you verify? How do you control for honest mistakes versus intentional gaming?

      Is it impossible? No.
      Is Congress capable of writing such a regulation while avoiding corporate lobbying seeking to gut it? Also no.Report

Leave a Reply

Your email address will not be published. Required fields are marked *