Why the CEH is worth it and why it will take a full year to earn it.
Nobody sets out to get a “paper” certification. But that’s what can happen if a certification is the main focus for achievement. We all know of “paper MCSEs” who memorized enough terms to pass the exam but couldn’t actually do anything.
I have decided to earn the Certified Ethical Hacker (CEH) certification for a number of reasons (more on that below) but I want to do it right. I don’t want a “paper” certification.
The CEH has value but, like most other exams, it can be cheated. I want to earn it and really be able to do it!
In this post, I’ll share why I think the CEH is worth pursuing and why it will take a whole year to earn it.
I’ve been an IT-guy for 15 years. I’ve done networking, server administration, management, you name it. In more recent years, I have shifted my focus to the security aspects of IT. Finally, I landed a spot as a full-time Security Specialist and I love it!
I have always forced myself to study for what I thought I SHOULD do. It was slow and painful even if I learned a lot in the end. Now, I have decided to focus on what I am really interested in, security. Specifically, I want to learn how to break into systems. Why? Because I think it will be fun!
So that is reason number one why the CEH is worth pursuing; because it will be fun!
Really, I could just stop there. But there are a few more reasons I am pursuing CEH and why you might want to also.
If you review the open security positions on the popular job sites, the CEH is listed as a required or preferred certification for many of them. Even the Department of Defense includes the CEH certification among their highest information security requirements.
I think Daniel Miessler said it perfectly on his blog, “Things have the value that others place on them.”
Even if you, like me, don’t have a specific outcome in mind after earning the CEH, I think it is still worth having. It never hurts to have the skills and certifications that are in demand in the job market.
The CEH might create opportunities to participate in either offensive or defensive positions in the future. Even though the CEH won’t immediately make anybody a skilled penetration tester, it could certainly open doors. That ‘open door’ could be with a new employer or even in a different role with the same employer.
As a defensive security employee, I believe an offensive certification can really provide a significant improvement in my point of view. Spending some time thinking like an attacker should help generate ideas for new defensive strategies. Just understanding what is possible will probably
be terrifying increase the urgency felt to pursue a strong defense.
Did I mention that I think a certification with the word “Hacker” in it is cool and learning how to break into stuff sounds really fun? I bet you think so too…don’t deny it!
A Whole Year!?
I’m going to spend the next year studying for the CEH because I want it to have value to me personally. I don’t want to be a paper-CEH. Like Troy Hunt said on his blog, “Be able to do and not just tell.” I want to really be able to do this stuff. I’m not going to cram or take a “boot-camp”. I’m going to watch training videos, read books, learn related subjects, build a lab, and spend hundreds of hours breaking stuff!
The test itself will be icing…a milestone and a reward for the effort.
I’m pursuing the CEH because:
- It’s an in-demand certification and skill set
- It creates opportunity for career growth
- It gives an expanded point of view for defense
- It will be fun
The CEH will take a year to earn because:
- Paper is worthless without skill
- Paper can’t sit through an interview
- Paper can’t hack into systems
Are any of you thinking about becoming a Certified Ethical Hacker? Working on it now? Finished already? I am interested in hearing your thoughts.