You may have read that Gartner projects IT spending to increase in 2011. It’s great news that may lead to hiring new staff or at least new consultants for your IT and information security projects….Just proceed with caution and don’t fall for the “I’m certified therefore I’m all you need” persona that’s rampant in our industry.
There are a lot of people out there looking for work – many of which have added one, two, perhaps five or more IT/security certifications such as CCNA and CISSP to their names over the past year. But you have to be forewarned: just because someone has passed a certification testing regimen doesn’t mean he or she is going to be 1) a disciplined worker, 2) a good communicator, 3) have goals, or 4) possess that sticktuitiveness required to succeed in IT.
Certification only goes so far. In fact, I’ve often found that the more certifications one has the harder he or she is “trying” to prove something to mask other deficiencies (likely the very things you’re in need of). Ironically, some of the sharpest and most productive people in IT and infosec have no certifications at all.
It’s a harsh reality but it is what it is. Buyer beware.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”