As a holder of the GSEC cert and a local mentor for the same program, I've been following all of these discussions quite intently. One thing I have noticed is that people are forgetting a couple of things.
Anyone who takes one of these certifications (MCSE, GIAC, CISSP, etc) is learning. The GIAC courses in particular contain a huge amount of high-quality material that people should know and probably don't. Authors like the one above seem to forget that.
Also, just as there is very little value in having an MCSE without some practical on-the-job experience, anyone could apply themselves and write a GIAC exam and practical if they had the time, even if they hadn't done any security work to begin with.
Employers need to take some responsibility when they hire a certified person and check out that they actually have the abilities that the certification implies they should have. If they fail to do that it shouldn't be the fault of the educator.
Oh, one more thing... Why doesn't everyone let SANS actually develop their new exams and then pass judgement? Everything at this point is just speculation.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/311/31214#31214