My 2 cents on the subject.....

Well I have a little of everything. Started out with a Sharp computer my dad brought home in 1984, then the commadore 128, then the good ol 33mhz DXII, and so on. Alot of the learning came from trying to get games to work on these machines and interest just grew from there. Had a modem and played on the BBS's and learned through that as well. Joined the Army after two years of college and got into the IT field just as the internet started really taking off (1994/1995). Got a ton of OJT. Also become a part time instructor for a government agency while still in the military. That is where you learn!! You get questions from students that make you look at things in different ways and are forced to research obscure questions people may have. Anyway, after the Army I've had plenty of security related training. Some good, but most of it was crap! I would avoid taking anything where the instructor is MS certified. They just don't know about anything but MS, almost brianwashed in a way.

Do I use any of the training in my job...nope. I'm on a Vulnerability assessment team and its all about going off on your own and trying new things and researching. You don't need training to just run a tool, thats as easy as pushing a button. To do a true assessment, you need to be up to date on all the vulnerabilities that are out there and no class will help you prepare for that. Now did all the teaching I do help me prepare for where I am now...yes! Teaching gets you ready for the unexpected, its not so much the content of the course, its knowing how to figure things out on your own...

Wow, sorry, that turned into a ramble. My thoughts anyway (even if it is just rambling)