Originally posted here by thehorse13


Why do you folks feel that a masters or a PhD in security is necessary for your career path? Are all of you looking to sit at a "C" level position such as CSO?

Does this mean that technicians are actually striving to become business people? If so, whouldn't a masters in business be smarter if you already have an undergrad in CS? To me, this makes sense because you stand to sharpen many skill sets instead of just one.

Anyway, if anyone cares to respond, I'd be very interested in hearing what you have to say about this.

--TH13
Hi,

It depends on what you want to achieve. Most taught Masters teach a mixture of technical and business skills and are particularly suited to someone with a bit of industry experience who wants to specialise in a technical area at a commercial level e.g. pen testing, consultancy.

Research degrees in the area tend to concentrate on security engineering problems although I have also come across some law and business related research - really these are for guys who either want to move into academia or commerial or government R&D. Or are just stupid (my IQ has just taken a severe nosedive).

I have also come across a professional doctorate program which combines on the job experience with taught courses and some more minor research opportunities. This would be a good career move for some one with extensive experience who needed a demonstrable qualification.

the professional qualifications including the sacred CISSP tend to just scratch the surface and don't go deep enough to satisfy real security gurus.

Business skills might be handy for some jobs but I would say the main skills are consultancy, negotiation and project management which don't require a full blown MBA program to achieve.

T