In a recent posting to one of my blogs here, a reader indicated that he or she had spent “six figures” on obtaining numerous certifications over the course of a professional career of some standing. At first, I was staggered to read a number of this magnitude, but then upon reflection it occurred to me that if broken down or compared to other kinds of educational or career development costs, it is neither terribly shocking nor too extreme.
Ponder these items, as you seek to digest the news that the costs of certification can indeed add up over the course of a professional career in IT:
- The average cost of a bachelor’s degree in 2009 was $25,143 per year at a private college and $6,585 at a public institution. Over four years this adds up to $100, 572 and $26,340 respectively at relatively current cost levels. Then, recognize that it takes more than 4 years for most undergrads to finish their degrees nowadays (at least an extra semester, sometimes two or more).
- The average cost of a master’s degree runs from $10-15,000 on the low end to just under $100,000 on the high end (such as an MBA from a top-flight school like Harvard, Stanford, or Wharton).
- A mid-range certification like the MCITP, CCNP, or CISSP can easily cost $500 to $1000 for exams, $500 for study prep materials and practice exams, and up to $5,000 for classroom training to prepare for the exam. Out-of-pocket costs usually range from $1,000 to as much as $6,500 to earn the credential to begin with, and another $300-500 a year to maintain (for exam retakes or continuing education costs) currency after the cert has been earned. Factor in the time involved at even a modest $25 an hour, and in most cases you’ll add $5,000 to $10,000 to the cost of each certification earned.
- A high-end cert like the CCIE can cost a lot more: $350 for the written exam and $1,400 for the lab exam (which also requires travel and lodging costs as well, unless you’re lucky enough to live in one of the handful of cities or metro areas around the world where a CCIE test lab is located). Most people take the exam two times, many may even go to three times, so it’s not at all unusual for out-of-pocket costs for the CCIE to run from $10,000 to $20,000, including lab access and lab test costs, but not costs for time spent preparing (again, add another $10-20K to cover this if you must).
- Certifications age out of the mix over time, and must be replaced with newer ones. So, although you need earn a degree only once, keeping certs current adds an ongoing source of out-of-pocket expense plus time and effort. Over the years this can add up. Even an individual who keeps only two or three certifications current can easily spend over $100K over the course of 20 or more years working in IT.
So maybe “six figures” is to be expected, rather than to be marveled at, or shied away from. When I look at what I’ve spent to buy materials, take exams, and conduct research for the many certification topics I’ve written about, it certainly makes sense for me — and then some. How about for you? Do some back-of-the-envelope calculations and post your lifetime cert outlays here, too.
Some recent issue of the MCP Flash newsletter must have shared this news, but I’ll be darned if I can find the actual word that the exams for the Microsoft Certified Desktop Technician (MCDST) would be retired on March 31, 2011 anywhere. You can see the “exam retires” news for both 70-271 and 70-272 on the MCDST page and the Discontinued Exams list from MS Certification Exam Development page also indicates that the MCITP upgrade exam to the MCITP (70-621) will be retiring on 3/31/2011 as well.
Thanks to Anne Martinez for bringing this to my attention in her latest “Certification Watch” newsletter (Volume 13 #14). Clearly, this means it’s time for those supporting Vista or XP to move ahead to Windows 7, and to start targeting relevant MCTS and MCITP certifications instead. Don’t delay: jump on the new platform now!
Heh! I get phone calls from telemarketers all the time because I often have to register for downloads that I want to write about for this blog and other Websites and publications. I’m sure I’ve got another phone call from Global Knowledge coming, thanks to what I’m about to tell you here (in fact, I got a call from a reasonably savvy telemarketer for the company just last Friday, who immediately understood that when I told him I taught the occasional certification class and was the creator of Exam Cram that I probably wasn’t a member of his target audience).
Nevertheless, for those interested in information security training and certifications the recent Security Training Catalog is probably worth a visit. A quick list of its contents will help explain why I make such a possibly outrageous claim:
- Elements to meet 8570.1 Compliance requirements
- Security+ Overview/Prep Course (Course #9829)
- CISSP Prep Course (Course #9840)
- CEH (Certified Ethical Hacker) Prep Course (Course #9844)
- Foundstone Ultimate Hacking Course (Course #9810)
- Check Point Secuirty Administration R70 Course (Course #9881)
- Other courses: Blue Coat Certified Proxy, Computer Hacking Forensic Investigator, F5 Big-IP Local Traffic Manager, McAfee Firewall Enterprise System Admin
- Implementing Cisco IOS Network Security (IINS; Course #5241)
- Cisco Security Monitoring, Analysis, & Response System (MARS; Course #5731)
- Cisco Security Networks with ASA Fundamentals (SNAF; Course #5698)
- Implementing Cisco Intrusion Prevention System v6.0 (IPS; Course #5702)
- Microsoft Defening Windows Networks (Course #6128)
- SonicWALL Network Security Essentials Admin Training (Course #0400)
- Secure Remote Access Admin Training v10 (Course #0402)
It’s a great mix of courses that is sure to contain elements of interest for most medium- to large-size businesses and organizations. Download your own copy and check it out (but watch out for follow-up phone calls!)
In a story for CertCities dated 8/31/2010, veteran Cert-guy Emmett Dulaney scoops the news that Windows 7 coverage will be included in an as-yet-unscheduled future release of the CompTIA A+ exams. Because of the time lag between new OS releases and exam updates, this kind of thing is inevitable, but it’s nice to see CompTIA responding to a major and successful new OS release from Microsoft as fast as their internal development cycle allows.
The current version of the A+ includes exams 220-701, CompTIA A+ Essentials, and 220-702, CompTIA A+ Practical Application, together also known as “the CompTIA A+ 2009 Edition.” Given CompTIA’s usual development cycles (it takes them at least 22 months to revise an exam from the point at which they begin work, because of their rigorous and painstaking employer interviews, job task analyses, and question development and qualification processes), it’s going to be a while before we see these changes slipstreamed into the next edition of an A+ exam, however.
In his story, Dulaney reports that “…Windows 7 questions will be integrated into the two existing A+ exams” (which would presumably then be numbered 220-801 and 220-802). CompTIA isn’t talking about dates just yet, but I’d be suprised if the exam appeared sooner than a year from now (September 2011) and wouldn’t be surprised at all if it didn’t appear until Q1 2012 or later. The current exam still includes some Windows 2000 questions, so Dulaney’s speculation that the Windows 7 materials may supplant those questions seems entirely reasonable to me, but only time and the sometimes mysterious inner workings of CompTIA will tell!
I was on the masthead for Certification Magazine from 1999 to 2008, both as a contributing editor and for a while also as “Technology Editor.” I probably wrote at least 200 articles for that publication during my tenure there, and the work was always interesting and rewarding — at least for me, but hopefully also for the readers of my work as well.
This morning, I turned to the site to see what was up and came across the article whose title also provides the title for this blog — namely, “Establishing a Career Path in Information Security,” by noted information security and storage expert Ken Wager. Simply put, this is a great article that responds to the following question from a recent college graduate in IT:
I have completed my degree in IT. I want to pursue a career in information security. Which path should I follow? I have done Java. Should I go for the Cisco Certified Network Associate (CCNA) or directly for a Certified Ethical Hacker (CEH) course? Is there any other better option?
Ken’s answer to the question is both thorough and insightful. He walks his interlocutor through the steps involved in boosting and steering a fledgling IT career in the infosec direction. His primary topics inlude methods to expand on skills and knowlege, obtaining certification and on-the-job experience, pursuing one’s personal and professional connections (the non-technical variety of “networking”), pursing advanced professional registrations, and keeping your nose clean (as with law enforcement, stains on your record can keep you out of information security positions as well).
This is a must-read piece for anybody who’s ever thought about steering their career in a security direction, even for those with more miles (and perhaps even a few gray hairs) on them. Enjoy!
I just got the green light from the publisher of my college textbook on TCP/IP (Guide to TCP/IP, 3e, by Laura Chappell and Ed Tittel, Course Technology, ISBN: 1418837555) for a new fourth edition to get underway starting next month. Given the final and unavoidable occurrence of “IPv4 address exhaustion” now predicted for some time later this year or perhaps next year (see the IPv4 Address Report page for a regularly updated tally and “X-day” projection, or download this Sidebar Gadget to put the counter on your own desktop), this next edition of the book is going to increase its coverage of IPv6 while retaining information about IPv4.
My belief is that even if IPv4 addresses run out, IPv4 networks aren’t going away. That means methods to interlink the two different versions of IP will become more important, as will construction of all-IPv6 new networks for experienced and tyro networkers alike. I’m looking for input from the reader community about which aspects of IPv6 and IPv4-IPv6 interoperabity are most important to them, and which issues they’ve found most challenging or difficult to solve in achieving reliable operations.
For my own part, I’ve learned some very interesting things about SOHO networking gear as I’ve started to research this topics:
1. The vast majority of SOHO routers (especially Ubicom-based switch/router/firewall/Internet boundary devices) — that is, those with interfaces for cable modem or DSL Internet link-ups — offer no or only very little IPv6 support. For example, my D-Link DIR-655 does not support IPv6 directly (you need a D-Link DIR-825 or better to get the support for IPv6-to-IPv4 tunneling that’s usually deployed to link a small IPv6 network to IPv4 Internet access from an ISP).
2. The vast majority of ISPs in North America still don’t offer native IPv6 support to their customers (I can’t even find a clearinghouse for information on ISPs in US, Canada, or Mexico that offer IPv6 support to customers; my own provider, RoadRunner under the Time Warner umbrella, tells me that they’re planning to deploy native IPv6 support “some time in 2011″ but can’t be any more specific than that right now)
3. There are lots of good how-tos available on setting up and using IPv6 on private LANs, including these relative gems:
- Microsoft TechNet IPv6 How-to plus Install and Configure IPv6
- Simple IPv6 HOWTO
- Setting up IPv6 in a home network plus Take 2
- Step-by-Step Guide for Setting Up IPv6 in a Test Lab
4. IPv6 Guru and CCIE Scott Hogg offers up some interesting ruminations on Windows 7 and IPv6 in his Network World blog “Windows 7 IPv6 Support” (1/29/2009, so it may be a bit outdated, but is still pretty interesting). Joseph Davies (Microsoft’s “The Cable Guy”) has a July 2009 piece that covers the same ground entitled “Support for IPv6 in Windows Server 2008 R2 and Windows 7.”
If others know of good resources in this general arena, please post in a comment on this blog. Do also please let me know if you’re running IPv6 on part or all of your networks: the bigger the deployment, the better!
OK, it’s that time of month again, when Microsoft posts its planned Learning Product releases for the current month. Lots of new elearning stuff, numerous exams translated into other languages, and community courses (instructor led training that MS Certified Partners offer, created by the MS learning community, different from Microsoft Official Curriculum, or MOC courses) are becoming available.
Numerous MOC classes for Exchange Server 2010 will become available on 9/22, including Designing and Deploying Messaging Solutions, Intro to Planning and Exchange Server 2010 Deployment, Planning the Exchange Server 2010 Infrastructure Environment, Planning and Deploying Client Access Services, and Planning and Deploying Message Transport. 6 other Exchange Server 2010 classes will also hit that same day. Likewise, a half-dozen Sharepoint 2010 MOC classes, plus 4 CC classes will also hit during the month of September as well.
And finally Exam 70-681 TS: Windows 7 and Office 2010, Deploying, will go live on 9/24/2010. For all the details, please visit the Microsoft Learning Product Releases for September blog.
This morning’s latest Employment Situation Summary for September, 2010, from the US Bureau of Labor Statistics says a lot by saying very little. Total unemployment edged up very slightly from 9.5 percent last month to 9.6 percent this month. Total employment dipped very slightly again by 54,000 jobs, but that includes another 114,000 temporary US Government Census workers leaving the payrolls, offset by 67,000 workers added in the private sector. According to this latest summary “From May through August, the jobless rate remained in the range of 9.5 to 9.7 percent.”
To me, the most depressing number in this week’s report is the tally of discouraged workers, currently at 1.1 million, defined as follows “Discouraged workers are persons not currently looking for work because they believe no jobs are available for them.” Another 2.4 million are marginally attached to the labor force, which means “These individuals were not in the labor force, wanted and were available for work, and had looked for a job sometime in the prior 12 months.” They are not counted as unemployed, however, because they had not looked for a job in the four weeks that preceded this latest survey. That means the real tally of unemployed in the US right now is the official count — 14.9 million — plus the 2.4 million “marginally attached” individuals just mentioned, for a total of 17.3 million out of work in varying degrees of workforce engagement.
Yikes! Things aren’t getting too much worse at the moment, but they’re not getting any better, either. This can’t be a good omen for the Democrats, as the party in power, with mid-term elections now less than three months away.
Looking at IT, things are holding steady with a net loss of 1,000 Information jobs (see Table B-1) over the past month. Telecommunications (-3,600) and data processing (-1,300) lost the most jobs, while publishing (+300), motion picture and sound recording (+800), broadcasting (except Internet, +1,600), and other information services (+300) all eked out modest gains.
Obviously, there’s a whole lotta nothin’ going on right now, in IT in particular, and in the economy in general. For me the “Big Question” has to be: “When things get moving again, will they be going up or down?” I’ll be darned if I can tell.
As I was reading the business section in today’s Austin American-Statesman, I came across a paragraph in an AP wire story by Martin Crutsinger entitled “Consumer Spending Ticks Up; Earnings Also Rise Slightly.” It contains the best summation of our crazy economic doldrums that I’ve seen anywhere, so I thought I’d share it with you this morning. Here goes:
Without job growth, consumers are not expected to spend much more. But the economy is growing too slowly to support sustained hiring, and companies are waiting to see more demand from consumers. That has left the economy stuck in limbo.
It really does seem like we can’t go forward, and we can’t go back, but are indeed truly stuck in a situation that is neither recession nor true recovery, but some godawful intermediate state that partakes of the worst rather than the best of both worlds. Without consumers to pull things out of the dumps, companies aren’t willing to hire more people; without the money that comes from secure employment and a decent paycheck, consumers aren’t willing to spend while they’re waiting for things to improve.
Gadzooks! We can now only wish for some kind of bolt from the blue to shock us out of the current stasis. But then again, “shock therapy” also has its downside. Sigh, and sigh again. I guess that means this Friday’s job numbers from the US Bureau of Labor Statistics will be even more poignant than usual, unless they take the weekend off for Labor Day (but no, the BLS Release Schedule 2010 says they’ll publish on 9/3/2010 as per their normal “First Friday” timing. Stay tuned!).
Boy, it’s been tough out there on the economic front lately. Last week, we got word that jobs are not likely to grow any time real soon across the whole economy, and that the housing market is showing serious weakness now that the stimulus money for homebuyers has come to an end. (The spigot was closed at the end of June, but it takes a month for the numbers to catch up with the situation on the ground, given typical reporting lags, so we just got the “official bad news” last week that housing purchases were down by 27% for July, with the lowest numbers for the past 15 years).
That’s why I wanted to post a link to an article by Lisa Vaas for the Dell-sponsored ITExpertVoice site that posted last week. It’s entitled “Tech Hiring Creeps Back to Health” and it actually manages to shed a small ray of sunshine on what has otherwise been a grey and dismal IT job market for the past year and more. It’s a small ray of sunshine because — as the story’s lead-in paragraph says — when it comes to IT job growth
…its recovery pace is akin to that of a snail going about its business after recovering from a coma.
In other words: painfully slow. But Vaas does point to several factors causing IT hiring and promotions to improve, if ever so slowly:
- giving into a pent-up need to implement projects shelved because of the recession and subsequent economic slowdown
- a better sense of financial comfort from companies now into the second halves of their fiscal years, with better information about their situations, and a higher sense of confidence about spending the hiring budgets at their disposal
- some modest increases in demand for new technologies and deployments such as Windows 7 and/or Windows Server 2008 (original or R2)
- a modest boost in IT functions for the healthcare, transportation, education, and some aspects of the construction sectors, with continued strong demand for IT people from Wall Street
There! You’ve had your ray of IT jobs sunshine. I hope it doesn’t cause any unpleasant side effects. All I can say is “Please sir, may we have some more?” Preferably, lots more, and sooner rather than later. Sigh.
Shameless self-promotion note: Please check out my latest story for Dell’s ITExpertVoice site, which posted publicly last Friday. It’s entitled: “Why Buy Real KVMs, When Virtual KVMs Will Do?” (and lest you think I advocate wholesale abandonment of physical KVMs, this story not only explains how remote access technologies can supplement and to a certain extent supplant KVMs, but also when real, physical KVMs are still necessary to obtain access to key servers and other devices).