When I was a kid growing up, television advertising was still a novelty, and many of the commercials I remember were about which company made the better cola: Coca-Cola or Pepsi. The most recent few years have witnessed the dominance of insurance company advertisements. Apparently, you can convince consumers to switch insurance companies by amusing them with a variety of quirky spokespersons like cavemen, athletes, geckos, and emus. At least two companies offer drivers discounted insurance in return for putting a surveillance device inside your car to track your driving habits. Americans love a discount according to Green Bay Packers’ quarterback Aaron Rodgers.
Get What You Pay For
Yes, discounts are in our national blood. Historically, however, Americans aren’t usually comfortable haggling over prices on-site. Unless you have a job like Mike and Frank of American Pickers, you and I are likely to do our research ahead of time and make a take-it-or-leave-it decision at the point of sale. Or we choose to shop either online or a brick-and-mortar business that we have learned to have the best prices for items we use. We want the best price, but our culture doesn’t easily support negotiations at the point-of-sale like you would encounter at a Moroccan bazaar or Brazilian fresh food market.
For some odd reason, when I travel and speak at conferences, I am often asked for discounts on the products my employer provides. I work for a certification association that provides boot camps and other training options for qualified people to sit for our difficult and time-consuming examinations. These are arduous tests designed specifically to ensure people who are awarded the certification meet the strict competency requirements for various aspects of the profession of cybersecurity.
Now if you’ve been keeping up with the news, it is clear cybersecurity personnel are in demand. Cybersecurity professionals will often choose to be tested for any number of available certifications and other industry recognition from vendors, training organizations and professional associations like ours. These awards then allow them to demonstrate certain competencies to employers or others for career development purposes. It is not a perfect system, but it is tailored to define expertise beyond a high school diploma or college degree.
Certifiable
Recruiters and human resources personnel like these certifications because they offer a kind of knowledge short-hand metric to screen and validate those seeking employment. Of course, this system is rife with misunderstanding, misuse, and even fraud. Often, hiring managers don’t know how to promulgate accurate position descriptions and recruiters don’t know how best to promote their clients. People have been found falsely claiming certifications they didn’t earn. These disconnects are then called out to discredit the system.
Despite their limitations and misuse, certifications remain a key element in the burgeoning marketplace for cybersecurity talent. Yet, here are people coming up to me and pitching for a discount on their certification – either for the boot camp, the examination, or both. I wonder if these same people would haggle over the cost of a bachelor’s degree at a state university. Can they demand a reduction in the interest rate on their government-backed college loan? Would they request a discount for their entry fee to a concert by a big-name band?
I respect everyone who wants to get the best deal, but there are certain items where the cheapest price isn’t usually the best value. Always at the top of such a list is toilet paper followed by nursery items, kitchen appliances, home repairs and paint. An investment in one’s cybersecurity education should also be added to that list. There are readily available statistics and surveys showing the range of jobs and salaries in our profession. The current outlook is rosy. Putting your money into preparing the best way possible for a cybersecurity career is today’s smart move. At least as smart as buying the good toilet paper.
About the Author: John McCumber is a security and risk professional, and author of “Assessing and Managing Security Risk in IT Systems: A Structured Methodology,” from Auerbach Publications. If you have a comment or question for him, e-mail [email protected].