by technion 3473 days ago
> The notion of a national certification plan is being laughed at by anyone who is in the industry for the right reasons

Yes, but the majority of enterprises are not in the industry. These stupid certifications are being pushed by our largest accounting firms (where Arno Brok is connected), and these are influential to business leaders.

> Troy made CEH PluralSight content because PluralSight's people wanted it

I hadn't considered that. Good point.

> the focus is on useless certifications and compliance

It's hard to explain to people in "real" security just how hopeless the current "compliance security" situation really is. Consider this situation. A user goes on holidays for two weeks. Before leaving, they turn off their laptop and lock it in a cupboard.

I've just described a critical incident. I can expect to be writing up incident reports, and reporting to management on "root cause" and how we can avoid this incident recurring. Can anyone in "real security" even see the problem?

Why, after two weeks, their desktop antivirus is out of date.

1 comments

Agreed. The cross-pollination required to get security into organisations correctly isn't there. Orgs see security as a pain in the ass, and not an investment/insurance policy.

I feel your pain in those latter points.