Image via WikipediaI was reading a guest post over on Mark McKinnon's blog, Certifications are Evil.....By John McCash , which raises some interesting and controversial questions about the state of certifications.
The problem with certifications and most licensing exams, as mentioned in the post, is that they have little to no correlation with real world work.
Memorizing all the seven OSI layers and what they do might sound impressive, but knowing how to read a log file is more practical in incident response work.
Or being able to recite the structure of an Encase evidence file might be of interest to some people, but how practical is it in working actual cases? Not much.
Even the "practicals" I have seen are really not all that practical. They seem to focus on some specific skills that relate to the certification, but ignore the real world side of how a report would be done. Especially from a non-LE standpoint.
One thing I know from having taught hundreds of hours of various computer and software courses is that training, to be effective, needs to be 20% lecture and 90% hands on practice to really get the concept to sink in.
I would advocate immersion training any day over the standard training I see out there now.
The problem is that you can't cover as much in a short time period. So the cost of the training would be greater since it would take longer.
Developing mental "muscle memory" is much like developing physical muscle memory. It takes repetition, practice and immersion.
If you think about it, training someone in computer forensics, for instance, works much better if they are being trained in an environment where they start with some limited tasks, do those tasks until they master them and then move to the next set of tasks.
Much the same way I learned karate many years ago. I have a few broken bones to remember that by.
John McCash made some excellent points about how certifications as a filter can do the opposite of what an employer wants to do by excluding qualified candidates in favor of certified candidates.
Of course that is pretty much the way of the world these days. Having a college degree is a filter used in many job postings now, even if the degree has nothing to do with the actual job. So an experienced and qualified candidate gets a form letter while the degree holder gets an interview.
Given the choice I would always prefer to train my own people through an apprenticeship model augmented with specific training.
And since I am on the subject, I am going to rant about how overpriced computer forensic training is: $3,500.00 for a week's training? I do remember my math; for 10 students that is $35,000.00.
No wonder so many are not getting properly trained when it is so expensive.