Premium courses and e-learning should be FREE
That Random Guy
Member Posts: 72 ■■■□□□□□□□
I've always thought of it as a very stupid thing to purposefully block people from information that will enable them to be a better resource, person, professional, etc.
TL;DR:
This is true for things like closed-off library/journal databases, course-ware sites like Udemy and LinkedinLearning, etc.
(ISC)2 keeps listing numbers in their magazines about how companies keep falling prey to cyber attacks and about how so much of the workforce is lacking in infosec knowledge and or stature (there's probably a conflict of interest there but let's not visit that).
I shouldn't have to pay (ISC)2 to learn about CCSP concepts, I shouldn't have to pay Cisco or Juniper to learn IOS or JunOS, I shouldn't have to pay courseware "instructors" for learning things like Linux, programming, etc. These things and "products" should be readily available to the public where even top quality platforms and solutions should be FREE.
EDIT:
This is not to argue that there aren't free solutions everywhere. Anyone with an internet connection and access to the majority of the web can see practically anything. The problem with this is that speed-reading through random information alone does nothing for anyone. That's why FB has seen such a fiasco that it has. There needs to be format that can be used, much like e-learning and e-courses. This is also not to suggest that free options available now are lackluster, but rather that the ones that are PREMIUM and therefore NOT FREE should be in fact FREE if they have been created with the intent to actually pass on knowledge to people. Nobody should have to pay to have knowledge transferred. Nobody asked people to create top-notch course-ware on Udemy. They did so on their own volition. Why then charge people for this work? You could benefit so many people by just making it readily available from the internet WITHOUT a paywall. Yet, all these organizations and countries wonder why on earth they can't obtain people with valid credentials, knowledge, experience, etc. Maybe if companies like CompTIA and ISC2 stopped putting a paywall on their magazines, club-only resources, and CBKs, maybe people wouldn't be so out of the loop.
Comments
-
chrisone Member Posts: 2,278 ■■■■■■■■■□I always liked this quote.
"I don't work for free, just like food isn't put on my table for free, and how a roof is not guaranteed to me." - anyone
People need to earn a living, it comes in many forms and that includes selling information on how to secure information systems. It seems like you don't really have a problem with people earning a living but you do have a problem with people earning a living off of securing information systems.Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
2023 Cert Goals: SC-100, eCPTX -
E Double U Member Posts: 2,239 ■■■■■■■■■■That Random Guy said:I've always thought of it as a very stupid thing to purposefully block people from information that will enable them to be a better resource, person, professional, etc....TL;DR:I shouldn't have to pay (ISC)2 to learn about CCSP concepts, I shouldn't have to pay Cisco or Juniper to learn IOS or JunOS, I shouldn't have to pay courseware "instructors" for learning things like Linux, programming, etc. These things and "products" should be readily available to the public where even top quality platforms and solutions should be FREE.
No one is purposely blocking you or anyone else from learning the material. They are purposely trying to profit from what they have to offer. If you don't want to pay (ISC)2, Cisco, or Juniper then don't.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS -
roninkai Member Posts: 307 ■■■■□□□□□□You could also do your taxes yourself, or pay a tax professional for knowledge, skills, expertise, and advice. Is your tax professional obligated to give you free advice/information? Absolutely not. Same concept. We all have to make a living some how. It's no different in information security. Nothing is blocked either. You could learn just about everything you ever wanted to know about infosec from freely available resources. But if you want credentials to accompany that knowledge, well that's where the cert authorities come in, for a fee. I think someone may be feelin' the "Bern" a bit too much. As they say though, there's no such thing as a free lunch. In the end, there is always a cost associated with we perceive to be "free".浪人 MSISA:WGU
ICP-FDO ▪ CISSP ▪ ECES ▪ CHFI ▪ CNDA ▪ CEH ▪ MCSA/MCITP ▪ MCTS ▪ S+
2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP -
Hawk321 Member Posts: 97 ■■■□□□□□□□That Random Guy said:I've always thought of it as a very stupid thing to purposefully block people from information that will enable them to be a better resource, person, professional, etc.This is true for things like closed-off library/journal databases, course-ware sites like Udemy and LinkedinLearning, etc.(ISC)2 keeps listing numbers in their magazines about how companies keep falling prey to cyber attacks and about how so much of the workforce is lacking in infosec knowledge and or stature (there's probably a conflict of interest there but let's not visit that).
it is the mindset.
I give you some examples:
A small Op team were complaining that they have so much work and need a new Op in their team (100% Linux)...in the interview I asked some questions like:
- Do you maintain a documentation system like confluence and do you maintain a detailed logical network plan ?
ANSWER: We have shared folder with text files
MyNoteInMyHead: FAIL- Do you use git for your scripts ?ANSWER: Git ? Heard of it...MyNoteInMyHead: FAIL- Do you code in clean code manner ?ANSWER: We don't code- What Linux distribution is used ?ANSWER: PLESK, we are not into the CLI thingMyNoteInMyHead: FAIL- How many Server are you managing ?ANSWER: 80...and we can't keep upMyNoteInMyHead: FAILAnd this was not the only interview that went into that direction...people get lazy and even if a company hires an real expert...the environment becomes toxic so long the "expert" is not in a leading position. --> Chicken Egg Problem
So long those people don't change their mindset, nothing will change. In Germany we had some scandalous news the last weeks...along a well known car rental company had its customer DB public...without further protection --> MEGA FAIL
This means, a certification (even for free) would not prevent this...rather a huge butt kick COULD !I shouldn't have to pay (ISC)2 to learn about CCSP concepts, I shouldn't have to pay Cisco or Juniper to learn IOS or JunOS, I shouldn't have to pay courseware "instructors" for learning things like Linux, programming, etc. These things and "products" should be readily available to the public where even top quality platforms and solutions should be FREE.
Most stuff is free, no one forces you to visit a live course. Books, Videos etc. must cost money --> production. And the exams ...well I've no problem with that. Critical is the hardware you mostly need to build labs.
INE, Udemy etc. are worth the money most times.But I agree, that general education should be free like colleges including options to pursue a degree and its classes 24/7 and not only between 8-5
Degree incomputer science, focus on IT-Security.CCNA R+S and CCNA CyberOPSLPIC-1,LPIC-2,LPIC-3: SecurityUbiquiti: UBRSS+UBRSA
some other certs... -
PC509 Member Posts: 804 ■■■■■■□□□□You don't need to pay for a lot of information. Get a copy of the exam topics and outline. There is TONS of free documentation out there. It's just not tailored to the exams. From individuals blogs, writeups, forums, study guides, etc. to official vendor documentation (some is behind a registering site, some is behind a paywall site which is an exception).
The information is out there for free. If someone else compiles it and prepares it to teach it to you, they want to be compensated for that time and effort. -
thomas_ Member Posts: 1,012 ■■■■■■■■□□I usually can find the documentation online for free. My only gripe is that Cusco is removing the documentation for all of their EoL/EoS equipment from their website, but is somehow maintaining their web rankings. I really wish google still had the feature where you could remove unhelpful content. If Cisco doesn’t want to supply the docs, then they whouldn’t get the web traffic.
-
Danielm7 Member Posts: 2,310 ■■■■■■■■□□That Random Guy said:There needs to be format that can be used, much like e-learning and e-courses. This is also not to suggest that free options available now are lackluster, but rather that the ones that are PREMIUM and therefore NOT FREE should be in fact FREE if they have been created with the intent to actually pass on knowledge to people. Nobody should have to pay to have knowledge transferred. Nobody asked people to create top-notch course-ware on Udemy. They did so on their own volition. Why then charge people for this work? You could benefit so many people by just making it readily available from the internet WITHOUT a paywall. Yet, all these organizations and countries wonder why on earth they can't obtain people with valid credentials, knowledge, experience, etc. Maybe if companies like CompTIA and ISC2 stopped putting a paywall on their magazines, club-only resources, and CBKs, maybe people wouldn't be so out of the loop.
Let us know when you spend thousands of hours writing books or doing courses and then are asked to not be paid for doing that work. The concept that they did a course without being asked, so they shouldn't be paid, is silly. In that case we'd never get any future development on almost anything, because few people would be creating anything new, because no one would already be demanding it.
Also, the idea that if all learning material was free that suddenly people would just read it all and all security issues would go out the window is so far from reality. For example, I manage a security team, I provide a lot of information to my team, most of them don't look at most of it. I've gotten demos of expensive learning platforms and said, "hey guys we need to check this out, please demo some courses, virtual labs, etc, and let me know what you think" Weeks later, I had looked at far more than anyone else and they all just didn't get around it, not because they were too busy, but because there is so much free information out there it's like overload that when given yet a new premium source it wasn't even all that exciting. I've come home from a few SANS courses like.. wow that was amazing! Anyone want to hear about.. oh, nothing? OK then, carry on.
One of the platforms forgot to even turn off the demo, I went back months later and logged in, surprised, still no one had bothered using it. And these are actual security engineers, not random people on the web who would suddenly get access to a higher quality video course. -
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□Danielm7 said:
-
LonerVamp Member Posts: 518 ■■■■■■■■□□This sounds like a gross generalization based on some specific triggering event.Anyway, first of all, don't pay for these things. Go on your own to learn things.Second, people who go through the effort to supply information and give you good learning, advice, knowledge are also trying to earn a living.Third, all that free stuff online? Can you trust it? Is it good advice? Over the past 3-4 years, at least here in the US, we've reached this tipping point of people online where these last dredges of society have found the Internet; the people who don't know how to determine proper factual sources and will happily turn around and repeat bad advice. Paying for something doesn't ensure it is better, but it does often suggest such. Those with bad advice? They won't get far once a few catch on and out them.Fourth, your argument is very flawed. Basically you're saying if someone created something for everyone else, then it should be free? Does this apply to novels, works of art, music as well?
Security Engineer/Analyst/Geek, Red & Blue Teams
OSCP, GCFA, GWAPT, CISSP, OSWP, AWS SA-A, AWS Security, Sec+, Linux+, CCNA Cyber Ops, CCSK
2021 goals: maybe AWAE or SLAE, bunch o' courses and red team labs? -
Hawk321 Member Posts: 97 ■■■□□□□□□□SteveLavoie said:Danielm7 said:
Degree incomputer science, focus on IT-Security.CCNA R+S and CCNA CyberOPSLPIC-1,LPIC-2,LPIC-3: SecurityUbiquiti: UBRSS+UBRSA
some other certs... -
JDMurray Admin Posts: 13,099 Admin@SteveLavoie People want to learn different things at different times in their lives and careers. You can only lead a horse to water; you can't make it drink--unless mandated as part of the job.
-
LordQarlyn Member Posts: 693 ■■■■■■□□□□Training materials, books, learning courses cost resources and man hours to produce. Things have to be paid for. As you said, there are plenty free materials out there. But free doesn't mean it's a good value.
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□JDMurray said:@SteveLavoie People want to learn different things at different times in their lives and careers. You can only lead a horse to water; you can't make it drink--unless mandated as part of the job.
-
E Double U Member Posts: 2,239 ■■■■■■■■■■SteveLavoie said:JDMurray said:@SteveLavoie People want to learn different things at different times in their lives and careers. You can only lead a horse to water; you can't make it drink--unless mandated as part of the job.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
E Double U Member Posts: 2,239 ■■■■■■■■■■UnixGuy said:Nothing in this life is free.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
thomas_ Member Posts: 1,012 ■■■■■■■■□□E Double U said:UnixGuy said:Nothing in this life is free.
-
UnixGuy Mod Posts: 4,570 ModE Double U said:UnixGuy said:Nothing in this life is free.you're paying with your time and efforts. Even if it's 'free', say your employer pays for it - it's a tax write off (and you're paying for it indirectly). Or if governments pay for it, you gonna pay it back in tax. Plenty of 'free' content on Youtube that are paid for by Ads that you watch.Some has to pay the instructors, they're not charity workers.But I understand the poster's point, and it reminds me a bit of the philosophy of "free open source software".
-
tedjames Member Posts: 1,182 ■■■■■■■■□□I really get tired of hearing people gripe about how they have to do something themselves. I've known some that let certifications expire because their company/agency won't pay to have them renewed. I look at it this way; you have to invest in yourself if you want to get ahead, be it with money or time. Yes, there are plenty of free resources. Find something that works for you that was created by someone with a good reputation. If you've never heard of The Cyber Mentor, you should check out all of his free offerings on YouTube and other places. He also recently launched an extremely comprehensive penetration testing course on Udemy that sells for cheap. What's $10-$20 in the overall scheme of things? Five years ago, my former agency wouldn't pay $250 for my SSCP exam, so I paid for it myself. A few months later, I got a new job with a bigger paycheck. My small investment paid off. Stop complaining about cost and just do it. Otherwise, you can sit around in the same position doing the same work until they replace you with automation (or a guy fresh out of college who is willing to do the work for less). Don't wait around for something to happen. If the boss won't pay for it, do it yourself and then move on to a better job.
-
E Double U Member Posts: 2,239 ■■■■■■■■■■tedjames said:I really get tired of hearing people gripe about how they have to do something themselves. I've known some that let certifications expire because their company/agency won't pay to have them renewed. I look at it this way; you have to invest in yourself if you want to get ahead, be it with money or time. Yes, there are plenty of free resources. Find something that works for you that was created by someone with a good reputation. If you've never heard of The Cyber Mentor, you should check out all of his free offerings on YouTube and other places. He also recently launched an extremely comprehensive penetration testing course on Udemy that sells for cheap. What's $10-$20 in the overall scheme of things? Five years ago, my former agency wouldn't pay $250 for my SSCP exam, so I paid for it myself. A few months later, I got a new job with a bigger paycheck. My small investment paid off. Stop complaining about cost and just do it. Otherwise, you can sit around in the same position doing the same work until they replace you with automation (or a guy fresh out of college who is willing to do the work for less). Don't wait around for something to happen. If the boss won't pay for it, do it yourself and then move on to a better job.Alphabet soup from (ISC)2, ISACA, GIAC, EC-Council, Microsoft, ITIL, Cisco, Scrum, CompTIA, AWS
-
cyberguypr Mod Posts: 6,928 ModI've typed 3 responses and ended up deleting them because I just couldn't make sense of this logic. Like LonerVamp said, something must've triggered this. We are here if OP wants to sensibly discuss further.
-
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□@cyberguypr don't try, there is no logic in that post. I am feeling some frustration in his post about not getting some training/information and surely something specific is causing this. We all agree that life is not free, good trainer/author cost money and investing in ourself is the best way to improve our career, I think the OP just want to improve himself but he is thinking that only premium training can get him the training he deserves.
-
Iristheangel Mod Posts: 4,133 ModThere are tons of free documents out there. For example for ISE, I could pull up the free Admin Guide and read all 2,000 pages of it or browse to a topic but reading manuals tend to be a little drier. Same with standards: You can go read RFCs, ISOs, NIST, etc but it's going to be a dry read. Many vendors provide some videos online, the manuals, blogs, etc etc and even technology enthusiasts will create their own blogs and videos if they feel like it (i.e. I have a blog) but if you want quality content that follows a certification path and an individual contributor works their butt off to make that content, I think it's fair that they ask to be paid for their work just like you expect to get a paycheck based on the work you do. I do enjoy teaching but at some point, I also have bills to pay just like you do.
-
Iristheangel Mod Posts: 4,133 ModThat Random Guy said:EDIT:Nobody asked people to create top-notch course-ware on Udemy. They did so on their own volition. Why then charge people for this work? You could benefit so many people by just making it readily available from the internet WITHOUT a paywall. Yet, all these organizations and countries wonder why on earth they can't obtain people with valid credentials, knowledge, experience, etc. Maybe if companies like CompTIA and ISC2 stopped putting a paywall on their magazines, club-only resources, and CBKs, maybe people wouldn't be so out of the loop.
If you don't feel you should pay for it, go read the manuals and free content out there in protest. If someone works hard to produce paid content, you're not obligated to it for free. -
roninkai Member Posts: 307 ■■■■□□□□□□tedjames said:I really get tired of hearing people gripe about how they have to do something themselves. I've known some that let certifications expire because their company/agency won't pay to have them renewed. I look at it this way; you have to invest in yourself if you want to get ahead, be it with money or time. Yes, there are plenty of free resources. Find something that works for you that was created by someone with a good reputation. If you've never heard of The Cyber Mentor, you should check out all of his free offerings on YouTube and other places. He also recently launched an extremely comprehensive penetration testing course on Udemy that sells for cheap. What's $10-$20 in the overall scheme of things? Five years ago, my former agency wouldn't pay $250 for my SSCP exam, so I paid for it myself. A few months later, I got a new job with a bigger paycheck. My small investment paid off. Stop complaining about cost and just do it. Otherwise, you can sit around in the same position doing the same work until they replace you with automation (or a guy fresh out of college who is willing to do the work for less). Don't wait around for something to happen. If the boss won't pay for it, do it yourself and then move on to a better job.浪人 MSISA:WGU
ICP-FDO ▪ CISSP ▪ ECES ▪ CHFI ▪ CNDA ▪ CEH ▪ MCSA/MCITP ▪ MCTS ▪ S+
2020 Level Up Goals: (1) DevSecOps Learning Path (2) OSCP -
Danielm7 Member Posts: 2,310 ■■■■■■■■□□@tedjames is dead on above. You need to take an interest in developing your own career. I've paid for all my past training on my own and it's drastically helped my career. At my old position 4 guys all wanted to do the CISSP together, 3 of them didn't crack the book and thought 600 for an exam was crazy. I did it, and then shortly after added tens of thousands of dollars a year to my income. I'd say it's worth it.
The only certs I've had work cover have been SANS, and I've done them via work study. Work wouldn't even pay for the certs themselves but I trade off the extra work of the program so I can bundle in the exam cost and, tada, now I'm trading effort for qualifications that I otherwise couldn't get approved. -
changlinn Member Posts: 42 ■■■□□□□□□□I agree. "When planning for a year, plant corn. When planning for a decade, plant trees. When planning for life, train and educate people."
While we're working in a capitalist system, people need money to live. So certification vendors need to make money, as do training centers, and book authors.
However, I'd like to see more free base or entry level certs and courses. Then get the eventual employer or the now employed person to pay for higher ones. LPIC did this at one stage for LPIC 101, I think you still need to pay for the cert but it is cheap and they used to give some away in the developing world and to unemployed. But how good would it be for Security+ or CEH to be free. Heck EC-council could make the CEH version minus 1 free, and allow people to at least say they are certified for 12 months. Then they need to pay to be certified longer or something.
My work cover all security certifications for myself and my staff. As it should be. They aren't covering my Uni degree, but I'm getting that on near interest free loan from the Government here in Australia.
A+, C|EH, CISSP, CISM, CRISC, GSTRT, MCSA:Messaging, MCSE:Security
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com -
SteveLavoie Member Posts: 1,133 ■■■■■■■■■□Well most entry level certification are about or less than 250$. Add a few book and a practice exam, so each entry level certification can be added to your resume for 500$. It is not that much even if you pay from your own pocket. Also most companies would at least reimburse some part or all of it.
-
JDMurray Admin Posts: 13,099 AdminI've said this before and I'll say it again: Certification exams are not priced for individuals; they are priced for businesses to purchase.