Oho! Imagine my surprise when I jumped up onto Microsoft’s Born to Learn blog this morning to catch up on a family vacation day yesterday, only to observe this headline there: “Microsoft Certification Study Groups debut on Born to Learn.” And indeed, MS has decided to add study groups organized into major cert topic silos — namely, client, database, developer, and server (as the following screen cap illustrates) — under a brand-new “Study Groups” tab available at the Born to Learn home page.
Microsoft has apparently curated its available online resources and organized them into these topic areas, to make it easier for cert candidates to find stuff. There are also discussion forums and exam prep wikis available, on a per-cert-exam basis, where candidates can raise questions and audit answers, not just from fellow peers chasing the same exams and credentials, but also from Microsoft moderators (usually, this means MCTs and subject matter experts from the user community). Exam preparation wikis also point to general exam prep materials, as well as resources that map to the exam objectives for the relevant certification exam, selected based on feedback from other Microsoft online community members who’ve rated them online. MS also says that “new content is being added on an ongoing basis, so you may want to subscribe to these pages for updates.”
Long story short: if you’re chasing any current Microsoft certs, or have plans to pursue MS certification in the future, you’ll want to check out the new Study Groups tab available through Born to Learn.
As I was listening to NPR this morning, I heard economists and employment experts forecast the February numbers in a range from 150,000 to 170,000 jobs added. The overall consensus was that total employment would either remain unchanged at 7.9 percent, or that it might conceivably edge down to 7.8 percent. But when I cracked open the latest Employment Situation Summary from the US Bureau of Labor Statistics this morning, I learned instead that 236,000 jobs were added in February, and unemployment decreased to 7.7 percent instead. Here’s a precis:
Of course, those same economists who forecast the numbers about 28-36 percent below their actual mark are also concerned — and quite rightly so — about the impending impact of sequestration on employment numbers. Their consensus appears to be that some 750,000 jobs will be lost, and I heard more than one expert opine this morning that this could result in a dip of about 70,000 jobs per month on overall job growth numbers.
This is a serious concern, but if there’s any kind of silver lining in today’s numbers, it’s that deducting 75,000 from 236,000 (which results in 161,000 monthy job growth) hurts a lot less than deducting the same number from the 150,000 to 170,000 that had been the consensus forecast for upcoming monthly job growth for the foreseeable future. Prognostication is always a risky business, though: a look at the right-hand bar chart above shows that monthly employment numbers have been swinging through a wide range of late. Just last month, gains fell in the 110,000-120,000 range, where last November, they almost hit 250,000. That’s a case where one month nearly doubles another month, which speaks to wide variance in employment numbers from month to month. This makes solid, believable forecasts a little harder to achieve!
But for once, it’s nice to see reality (or at least, statistical reality as reported by the BLS) outstrip anticipation, and by a pretty wide margin. When further surprises arrive in the months ahead, let’s hope that they’re all equally positive. And on the IT front, Table A-14 also shows a very nice swing to unemployment for our sector: where IT had an unemployment rate of 8.4 percent in February 2012, one year later that number dropped to a fairly healthy 5.2 percent (anything in the range of 5-6 percent is regarded by most economists as “full employment”). The overall numbers also look pretty good: 247,000 unemployed in February 2012, versus 143,000 in February 2013. Given that healthcare receives notice in the high growth sectors mentioned in the preceding snippet I’m guessing that healthcare IT jobs are leading the way for our sector, too (for more discussion of this aspect of IT, see my UpperTraining blog from yesterday entitled “Healthcare IT Offers Huge Certification and Employment Opportunities“).
I saw an interesting article on TechRepublic this morning. Entitled “Four things that make your resume look dated,” by Toni Bowers, it digs into a short handful of potential sins to which resume writers are prone. While all of them are worth considering — and her story worth reading — I was forcibly reminded of a profound lesson I’ve learned (and re-learned from time to time) as a professional freelance writer.
That lesson is encoded in the title of this blog as “Know Your Audience,” but what it really means is the following:
- You understand your readers’ pain points and wishes
- You understand what your readers want to know
- You know how to speak the reader’s language
When it comes to writing resumes, Bowers’ points from her story can be re-interpreted in light of this basic principle of effective communication:
- You still have an objective statement: Bowers makes the very valid point that “…hiring managers couldn’t possibly care less what you’re looking for” and that “…the exercise is all about what you can do for the company you’re applying to.” I couldn’t agree more and also believe that the whole point of any communication in a resume is to show how you can add value through what you’ve done in the past and can do in the future, what you know, and what you can learn. Keep this in mind as you write a resume and the results will speak for you, as well as for themselves.
- Your resume looks like it was typed on a Smith-Corona:Her point is that the days of the typewriter are long since passed, and you can do interesting and visually appealing things in a word processor. You say a lot about yourself (and your knowledge of word processing or layout tools) in the way your resume presents itself to readers. If you can’t make the design stand up and bark on your own, get some professional help to snazz things up. This speaks to the desire of your audience to be amazed and entertained, as well as informed. Opportunities for entertainment are rare in a resume, so take advantage of this as much as you can!
- You consider yourself “hard working” or a “good communicator:”Bowers point here is subtle, but important — namely that any self-assessments you make in a resume are always subject to the charge of shameless self-promotion. Sure there has to be some shameless self-promotion in any good resume, but it works better if it’s less overt and more demonstrative. That means instead of saying those things in quotes, you provide examples that illustrate those points, and let the reader draw his or her own conclusions. Thus instead of “hard-working” you might say “Delivered 60,000 lines of tested, debugged Java code in 14 months, and returned the development project involved back to its originally planned schedule, reversing an anticipated delay of six months.”
- You offer references upon request: Bowers points out that employers can use Google as well as anybody else, and they will find such stuff on their own. Assume if an employer wants references, they’ll ask for them. Her advice is spot on “Save that part of your resume real estate for something important.”
Remember, your job in a resume is to explain how and why hiring you is going to help a prospective employer solve problems, make technology work better, and above all, make more money or deliver more services. If you can do that, you’ll get past the initial screening process, and may even get a shot at an interview. Happy job hunting!
Gosh, it seems like infosec topics have dominated the cert news and information lately. Today is no exception, as I report on one of the awards in SC Magazine‘s 2013 Winners — namely in their Professional Awards category. This year’s winner is the Certified in Risk and Information Control (CRISC) from ISACA, designated as the best professional certification program (presumably, in the information security field).
Also chosen as finalists were the following credentials: GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), GIAC Security Expert (GSE), ISACA Certified Information Security Manager (CISM), and ISACA Certified Information Systems Auditor (CISA). Does anybody else find it curious that only GIAC and ISACA certs made it into the finalist category? I certainly did, so I checked on the Judging Information page to see what it said about how the professional awards, including “Best Professional Certification Program” were made. Here’s what it says, verbatim:
With the exception of the Editor’s Choice Award recipient, winners in the Professional Awards category will be decided by an expert panel of judges. Like the Excellence Awards, not only are judges advised to review the materials provided by entrants, they also are asked to review any applicable research or analyst reports, product reviews by SC Magazine, and/or any additional documentation/input provided by SC Magazine and/or other Haymarket Media publications. In some cases, the panel may be offered further insight or add additional notes from SC Magazine’s editorial team members who may decide to interview or already have interviewed contenders. There will be one winner chosen per category.
That doesn’t seem like a terribly transparent set of judging criteria, but at least it’s an understandable one. What I guess I find interesting is the focus on news and information from the media company that owns SC Magazine. Aside from mention of “applicable research or analyst reports” (and that would certainly cover a host of sins), everything else seems to come through the Haymarket Media filter. I don’t mean to question the utility or value of any of the finalist certifications designated, and certainly earning the GIAC Security Expert is a lifetime achievement worthy of serious note. But there are a lot more (and more popular and/or more highly regarded, except for GSE) infosec certs out there that could at least have made finalist grade. I wonder at the omission of CCIE Security, CISSP (and its follow-on credentials), any of the ASIS certs (CPP, PCI, and PSP), and more. Very curious! It certainly would be nice to know more about the data and knowledge base from whence the judges drew to make their finalist and best selections.
There’s a big, bold, complex and new cybersecurity framework in town, and it comes from a source that seldom gets described using the terms “bold” and “new” — though “big” and “complex” are its stock in trade. Yes, that’s right: I’m talking about the government of the United States, specifically the Computer Emergency Readiness Team (CERT, aka US-CERT) in the Department of Homeland Security. The name of this program is the National Initiative for Cybersecurity Careers and Studies (NICSS), and it’s designed as a massive source of information on cybersecurity for the general public, students and their teachers, cybersecurity professionals and managers, policymakers, veterans, and other folks, too.
While it provides general computer and Internet security information, including an interesting Cybersecurity How-To Guide, its most important aim is to provide information for those interested in studying the topic, and for those interested in pursuing a career in cybersecurity. The organization is in the process of assembling a training catalog that will combine pointers to academic, professional, vocational, and commercial training in cybersecurity, with a massive collection of information about cybersecurity-related work categories, with job roles and titles and KSA (Knowledge, Skills, and Abilities) inventories to go with them, all in the context of a Cybersecurity Workforce Framework. These are divided into the 6 categories shown in the following figure, further organized into 31 distinct specialty areas.
Ultimately, this mammoth collection of information will be indexed and organized by an “Education and Training Catalog Search” tool that will let interested site visitors find courses by any of the various ways of slicing and dicing coverage and content for various cybersecurity job roles. Right now, there’s only a dummied-up demo catalog to play with that lacks any real data. But even that is interesting to visit and play with, and there’s a lot to learn about how modern IT is organized and practiced by perusing the categories and specialties that the catalog (and other information silos on this website) covers.
To me, of course, the most interesting area in the site is the section on “Professional Certifications,” which currently features 26 different credentials (CISSP and SSCP are each listed twice for some reason but I only counted them once) out of a field of 120-130, as far as my most recent but still incomplete information security certification survey for 2013 goes. Here’s a compacted list of what’s mentioned:
|NICSS Table of Recognized Cybersecurity Certs|
|(ISC)² Certified Information Systems Security Professional||DRI Master Business Continuity Professional|
|(ISC)² Systems Security Certified Practitioner||Electronic Commerce (EC) Council Certified Ethical Hacker|
|(ISC)² Certification and Accreditation Professional||GIAC Certified Incident Handler|
|CERT Certified Computer Security Incident Handler||GIAC Information Security Fundamentals|
|Certified Hacking Forensic Investigator||GIAC Security Essentials Certification|
|Certified Expert Penetration Tester||GIAC Security Leadership Certification|
|Certified Wireless Security Professional||GIAC Systems and Network Auditor|
|CompTIA A+||ISACA Certified Information Security Manager|
|CompTIA Network+||ISACA Certified Information Systems Auditor|
|CompTIA Security+||Security Certified Program (SCP) Security Certified Network Professional|
|DRI Associate Business Continuity Professional||Security Certified Program (SCP) Security Certified Network Architect|
|DRI Certified Business Continuity Professional||Certified Hacking Forensic Investigator|
|DRI Certified Functional Continuity Professional||Certified Penetration Tester|
I don’t see too many surprises there (though given the DoD’s recognition of the CompTIA Advanced Security Practitioner, or CASP, just recently I do expect it to show up here sometime soon as well). I’ve had enough trouble getting solid, objective info on the Security Certified Program (SCP) credentials that I’ve kind of written them off; their appearance here with the SCNP and SCNA is surprising, and I’m also a little surprised to see that none of the Cisco security certs made the grade, even though CCNA and CCNP Security are on the same DoD cert list that CASP just joined recently (that DoD Information Assurance or IA registry is documented in the 8570.01-M Manual). But again where government agencies are concerned, I don’t necessarily expect them to be completely in synch with one another: the DHS is not part of the DoD, after all.
For those not already in the know, the Department of Defense (DoD) has approved the CompTIA Advanced Security Professional (CASP) credential for addition to its baseline list of acceptable information security/information assurance certifications for the following levels:
- IAT Level III (Information Assurance Workforce Technical Level III): A description of this level of attainment is available at IA Academy and in the 8570.01-M Manual.
- IAM II (Information Assurance Management Level II): A description of this level of attainment is available at IA Academy and in the 8570.01-M Manual.
- IASAE Level I and II (Information Assurance Workforce System Architect and Engineer, Level I and Level II) IA Academy links for L1 and L2 at left, and also covered in the 8570.01-M Manual.
What makes this decision interesting is discussed very nicely in a 2/23/2013 article on Steve Linthicum’s Certification Site entitled “CASP-CompTIA Advanced Security Practitioner News” wherein the author opines as follows:
“What will ‘sell’ this exam to DOD employees and contractors seeking to meet the requirement of DOD Directive 8570.0 is the fact that it’s cost ($379) is substantially less than (ISC)2 charges for the CISSP exam ($599), coupled with at least a perception that it is easier than the CISSP.”
Currently study guides for the CASP are available from Sybex (Michael Gregg and Billy Haines, February 2012) and McGraw-Hill (Wm. Arthur Conklin, Gegory White, and Dwayne Williams, September 2012), and both books get pretty good reviews. If you can meet the CASP experience requirements (10 years in IT administration, including 5 or more years of hands-on technical security experience), the exam includes 80 questions (versus 250 questions for the CISSP) over a 2.5 hour period (versus 6 hours for CISSP). That’s probably the primary source for the belief that the CASP exam is easier than the CISSP, cost issues notwithstanding. This could be a great option for those who want to (or must) meet mandatory DoD IA certification requirements. For more information, I blogged about the CASP at PearsonITCertification on June 1, 2011 in a post entitled “CompTIA Ventures Beyond Entry-Level with CASP Credential.”
There’s an interesting press release from CompTIA up on their website this morning, entitled “Healthcare Providers Expanding Use of Mobile Technologies…” Because I just blogged on this very topic for Windows Enterprise Desktop yesterday (see “Dell Latitude 10: Viable Healthcare Tablet Option?“), this report struck something of a chord with me. And when my old Novell buddy, Mickey Applebaum, commented to me on Facebook that Acer also has “…a dedicated medical care section and are even listed in the Medical Product Guide as a provider of technology products to healthcare professionals” and that he has “…hooked several doctors’ offices [up] with Acer Direct…” for such sales, something of a pattern started to emerge:
healthcare IT = EHR + mobile + hunger for innovation(remember, EHR stands for “electronic health records,” and represents US government jargon for the phenomenon that’s currently revolutionizing medical data storage, as the vast majority of medical records make the transition from purely paper-based to entirely digital forms. Because the CompTIA press release lumps EHR with EMR below, I should also explain the EMR stands for “electronic medical records” as well).
Bingo! In that context, the CompTIA information comes as no surprise whatsover, and these eminently repeatable factoids from same make very good sense indeed (all of the following bullet points are verbatim quotes, somewhat abbreviated where ellipses appear, from the CompTIA press release cited above):
- healthcare providers are on the cusp of expanding their use of smart mobile devices from routine business activities, such as e-mail and scheduling, to more advanced, care-specific uses … examples include medication monitoring and management, remote access to health records[,] and assisting patients in managing insurance claims.
- while most healthcare providers are in the early stages of adopting and incorporating mobile health and other technologies into their workflow, the research points to high levels of interest and experimentation … a net three in four healthcare providers surveyed believe mobility is having a positive impact on healthcare.
- one in five physicians with a mobile device capable of supporting apps uses health- or medical-related apps on a daily basis … over the next 12 months, healthcare providers expect to increase their usage of medical apps to … where 62 percent are relying on these apps at least a few times per week.
- CompTIA data indicates that about six in ten healthcare providers have at least some elements of an EMR/EHR system in place.
- CompTIA research … points to a more positive attitude toward EMR/EHR among healthcare providers this year … a net satisfaction rate in the low 60s indicates acceptable performance, but leaves a sizable segment of users seeking improvement…
- Fewer than half of healthcare providers acknowledge being fully prepared for their transition to electronic health record[s].
Obviously, equipment makers, solution providers, and system integrators all smell big opportunities for mobile healthcare IT, for everything from acceptable devices to specialized applications and systems that target healthcare professionals who might use those devices. I hope it’s equally obvious that there’s HUGE certification, employment, and career advancement potential here as well, and that interested IT professionals should keep in mind that there’s lots of money in healthcare, where some of it inevitably trickles down and into IT.
To that end, interested readers might want to consult a pair of pieces I wrote for Tom’s IT Pro on the subject of healthcare-related IT certifications:
- Top 5 IT Certifications in Healthcare (March 20, 2012)
- Healthcare IT: The Lowdown on EHR and Stimulus Certifications (December 3, 2012)
There’s a LOT of opportunity for IT pros who are interested in working in or around healthcare, and there are lots of certifications designed to help them find their way into this field. If this appeals to you, be sure to check these things out.
In total keeping with the company’s recent emphasis on Data Center certifications for CCNA, CCNP, and CCIE, Cisco blitz on that burgeoning aspect of IT operations also includes numerous free weekly Webinars, past, present, and future. Here’s the current line-up, divided by what’s already out, what’s coming soon, and in the queue for future delivery (a Cisco learning registration/login ID is required to access any links provided below):
Preparing for your CCNA Data Center Cert Studies (slides, watch now)
Introduction to the Nexus 1000v (slides, watch now)
Introduction to Unified IO (slides, watch now)
Describe the Cisco WAAS Need and Advantages in the Data Center (slides, watch now)
NXOS Command Line Introduction (available soon, already recorded)
Introduction to Fibre Channel Concepts (available soon, already recorded)
Intro to Cisco ACE (available soon, already recorded)
Introduction to UCS (February 28, register)
Introduction to FCoE Protocols (March 7, register)
NXOS Advanced Features (vPC, FabricPath, OTV) (March 14, register)
Nexus 1000v Deep Dive (March 21, register)
SAN Zoning (March 28, registration link coming later this week)
FWIW, I see a pattern emerging here where Cisco keeps the queue about two months out, and updates its offerings every week. Thus, you’ll want to keep dropping into the Data Center Technical Webinars page to check out the latest and greatest offerings for future registration, and/or to view additional pre-recorded elements as they become available for download.
Over at “IT Certification Master” Mirek Burnejko strikes some interesting paydirt as he lays out a story on “10 of the Hardest IT Certifications to Get.” In that story, he provides brief profiles of his current choices for the hardest IT certifications to earn nowadays, among the 700-800 items available to IT professionals right now.
Here’s his Top 10 list, delivered Letterman-style in reverse numerical order:
10. Certified Wireless Network Expert (CWNE)
9. CCIE Data Center
8. Red Hat Certified Architect (RHCA)
7. VMware Certified Design Expert — Datacenter Virtualization (VCDX)
6. Offensive Security Certified Expert (OSCE)
5. Oracle Certified Master (OCM) DBA 11g
4. GIAC Security Expert (GSE)
3. ITIL V3 Master
2. Microsoft Certified Architect (MCA) Windows Server: Directory
1. Cisco Certified Architect (CCAr)
I really can’t quibble with any of his choices, though I would add some additional observations:
- Any of the CCIE credentials could appear in place 10 (or elsewhere in the list) because of their level of difficulty, expense, and time commitment required to earn one.
- The SAP Consulting certifications are also pretty expensive, demanding, difficult, and scarce, and might be worth a place in a future such list, if not the present list.
- Architect-level certs rightfully make a couple of appearances on this list, and there are numerous other such credentials from which one can choose. See my stories “Senior-level Certification: IT Architect Credentials Can Open Career Doors” and Bredemeyer Consulting’s excellent bibliography/overview piece “Architect Role and Skills” for more information on this fascinating and demanding IT specialization.
- The placement of these certs in the order depends on some interesting and subjective assessments from Mr. Burnejko. I don’t always agree with those assessments, but again these are quibbles. Thus, for example, I’m not sure that the MCA deserves to be so close to the top (I’d switch places between it and the GSE, for example, because of the sheer amount of work and ongoing cert maintenance required to keep up that pinnacle GIAC certification).
All in all this is a great story that highlights some interesting and sometimes perversely difficult IT certifications. It does lay out some “supreme goals” for the super-Type-As among the IT professionals out there, and should be enough to keep most readers busy for several lifetimes!
Those interested in exploring or better understanding IT opportunities in the cloud — especially as such things intersect with Microsoft products and technologies — should jump right up to the Microsoft Certified Career Day Web page that focuses on “Get in the Cloud” and register for the free broadcast scheduled for March 12, 2013 from 8:30 AM to 12:35 PM Pacific Time (-08:00 UCT). That day’s agenda features the following items:
- 09:00 – 10:15 Live Industry Panel on cloud-based career opportunities features various MS heavyweights, an MVP and college instructor, and Paul Thurrott, all interacting and dispensing insight and advice for virtual attendees.
- 10:15 – 10:30 A brief but surely interesting interview with Windows guru and MS Technical Fellow Mark Russinovich on the ins and outs involved in helping organizations transition into cloud computing.
- 10:30 – 11:30 A Windows Server 2012 live product session with MS senior technical evangelists Rick Claus and Joey Snow, with an overview on training opportunities to learn cloud-related technologies in and around the Windows Server 2012 platform.
- 11:35-12:35 A SQL Server 2012 live product sessions with senior technical product manager Dandy Weyn, and senior product marketing manager Jennifer Moser, as they discuss business intelligence support scenarios that SQL Server 2012 brings to organizations, and MS training and technology offerings designed to support use of such tools and technologies.
This promises to be an interesting and informative educational encounter for those who want to explore Microsoft’s support for cloud-based platforms, tools, and technologies, and to get a sense of what kind of training and certifications Microsoft has built around such things. Be sure to register soon if this includes you: the live session is bound to fill up quickly (though a recorded version will surely be available about one month after the live delivery date, you’ll have to move quickly to get in on the initial delivery).