Read what Prabir Panda had to say on LinkedIn: https://www.linkedin.com/pulse/to-be-or-not-prabir-panda-phd-itp-cciso-ceh-cbp-ccna/
I always felt that certifications, and acquired skills & experience are a sort of chicken and egg situation. CBoK is actually codification of the knowledge and wisdom that one acquires/ learns with years of on the job experience. This readily available body of knowledge guides inexperienced and experienced practitioners (equally) in building upon the codified best practices. As segregating chaff from the wheat is very difficult for the potential employers especially given the number of resumes received for an advertised vacancy or in limited time during face to face interviews, the cybersecurity certifications are heavily relied upon, during all stages of selection process. The industry certifications give employers a benchmark against which they can measure and/ or compare various candidates.
After having over two decades of managerial and leadership experience in IT Administration and InfoSec Governance and Doctor of Philosophy in Information Systems, I felt uncomfortable with the idea of appearing for certifications like CISSP or CISA which my direct reports, with much lesser experience profile, had. As the industry requires testing and accreditation of knowledge even for experienced professionals, I was looking for the right kind of certification that would match my level of experience for a senior position holder, like myself.
During one of those days, during discussions, one of my friends recommended that I try EC Council’s Certified Chief Information Security Officer (C|CISO). After some research about various certification paths, I decided to defer to my friend’s advice. I must say that the certification and the study material thereof does orient one to think about InfoSec Governance holistically and I found the insights very useful. I, in fact, learned the theory behind the practice. During EC Council’s Online C|CISO Training (iWEEK), I had the chance to interact and exchange notes with very senior cyber security professionals like me. After thorough preparation, I appeared for the C|CISO Exam on 11 Nov 2018. The scenario-based exam tested every bit of my experience. My preparation and experience paid off and I scored about 94.7 percentile.
Based on my experience with the C|CISO, I highly recommend the certification to senior professionals like me who are into InfoSec Governance with years of practical experience to their credit. The certification is accredited by American National Standards Institute (ANSI) in terms of ISO/IEC 17024:2012 and is thus globally recognized.