The CISSP was never intended to be a technical cert. It's for managers, to certify that in the week before the test they learned what most of the words mean by cramming (and then likely forgot half of them). The funniest part to me is that I've never met anyone who thought it was actually a good measure of security knowledge, and yet it's widely acknowledged as the benchmark for being a security professional.
It's also a great example of the network effect; it's only valuable because lots of people have one. Therefore, you can use it as part of the HR screen and still get some people through to interview.
I feel the best analogy for CISSP is 'an mile wide and an inch deep'. I was under the impression it was a baseline certification to filter out those who don't know the basics.
5 comments
[ 5.0 ms ] story [ 18.5 ms ] threadIt's also a great example of the network effect; it's only valuable because lots of people have one. Therefore, you can use it as part of the HR screen and still get some people through to interview.
I've met CISSP qualified managers who think it's amazing.