Michael A. Goedeker, Auxilium Cyber Se-curity: They are important but experience is more important. Certs don’t guarantee success but combined with experience through using taught concepts in projects is an indicator.
Rick Blaisdell: Yes, that’s for sure. The 2015 CompTIA study HR Perceptions of IT Training and Certification revealed that:
65 percent of employers use IT certifica-tions to differentiate between equally qu-alified candidates • 72 percent of employ-ers use IT certifications as a requirement for certain job roles • 60 percent of orga-nizations often use IT certifications to con-firm a candidate's subject matter knowledge or expertise • 66 percent of employers consider IT certifications to be very valuable - a dramatic increase from the 30 percent in 2011.
Dotan Bar Noy, Re-Sec Technologies: Cer-tification plays an important role ensuring your team is up to speed with new solu-tions and encounters other professional to share ideas and feedbacks on the diffe-rent solutions.
Rajeev Chauhan: To some extent, certifi-cations are benchmarks for judging capa-bilities, but there is no substitution for re-levant to an architecture or model.
Przemek (Shem) Radzikowski, Secbüro Labs: I’ve met many highly-certified peo-ple who have turned out to know very little. All too frequently, certifications only test knowledge but not the candida-te’s ability to apply the concepts in real world situations.
Dennis Chow, Millar, Inc: Yes, certifica-tions will complement and evolve to help maintain the attestation of a certain level of skill. However, we will see more inte-rviews and other candidate requirements to prove hands-on experience through
‘practical’ assignments.
David Clarke, VCiso: The idea that a five day training course means we have cyber skills, anymore than learning to drive from multimedia training course is valid, we need the equivalent of medical interns, Barristers Pupilage.
Amber Schroader, Paraben Corporation:
Yes, certifications are a necessity as they allow for the specialization in the industry that can only be done through specific certifications.
Andrew Bagrin, My Digital Shield: I think certification has already dated itself and it won’t get any better. Accomplishments and understanding of core principles is what I look at.
Stephan Conradin: Yes, but certification will have to adapt to new complexity.
When I got my CISSP, I had a question about the height of the fences, It is always a good question but now our data is more in the cloud and less protected by fences.
Wade Lovell, Simpatic: I hope not. I prefer directly testing candidates and reviewing their code and thought process.
BroadTech Security Team: Certification even now is not the main tool to confirm skill and expertise for CEOs & HRs who care about business. But vendors will push for certification since it is another recur-ring revenue generation market due its expiry date.
Paul Hoffman, Logical Operations: Certifi-cation will continue to play the primary role in confirming expertise.
Ondrej Krehel, LIFARS: I think work expe-rience is the real key, certs are more of a minimum knowledge.
Anthony Di Bello, Guidance Software:
I hope not. I believe practical experience and red/blue team exercises should be the main tool to confirm skill and experti-se in this field.
Elizabeth Houser, Praesidio: Likely yes, as the desire for certifications has been con-sistent over the years and most people are comfortable with that benchmark.
Roberto Langdon, Nicolas Orlandini, KPMG: Certification is a must to provide calm and confidence to the clients, that the people involved in the investigations and data acquisitions, are recognized pro-fessionals to do that, keeping the security triad CIA (Confidentiality, Integrity and Availability) of all the information gathe-red and processed.
T RAINING Will certification keep its role as the main
tool to confirm skill and expertise?
Chase Cunningham, Cynja: New certifications, like those from ISACA’s CSX program, will start to slowly re-place some of the “cookie-cutter” certifications that have typically garnered more interest. Recruiters are hiring personnel and senior managers with active performance based certifications at a higher rate than before. The old paradigm of studying for a certification and passing it will start to go away. If one can’t actu-ally conduct the task then they won’t get certified. Another way to put it, people prefer doctors who have practiced their medical skills on patients rather than simply reading books and passing exams. The same is true in cybersecurity.
Julie Herold, Kenny Herold, Odin’s Eye: We’ve always been jaded with regards to an acronym that states you can memorize information so we feel that any answer would be biased. Your work experience and end product should be the proof of your level of expertise as well as your ability to convince your client that A.) You know what you are talking about and B.) You can execute at that level. For clients that rely on the cer-tifications as a compass to navigate through the many vendors with these types of services, they do have their place.