SANS - Master's Degree

Didn't realize SANS offered degrees. I doubt they're accredited, but they'd be well recognized within the industry.

https://www.sans.org/event/cyber-defense-initiative-2013/masters-degree/

Find more posts tagged with

Comments

chanakyajupudi

I was very interested but they are not accredited.

After a lot of thinking about the ROI I decided against it.

redz

I have a friend with a SANS Master's... It's not even on his LinkedIn. I doubt much ROI without it being accredited, and last news on its accreditation was in ~2011(?) where they were a candidate.

JDMurray

Right now STI is supposedly 99% of the way to CHEA accreditation. I'm thinking there will be final news on this in the next moth or two.

And yes, I checked with STI back in 2009 about their impending accreditation. They said they were hoping to get it in 2011. I'm not sure what the hang up was.

samurai86

Yea I have heard they have been waiting for the accreditation for about 3 years or so. They have applied for it, that is the one issue (Although probably the biggest issue) they have. Their classes are practical and fantastic. A bit pricey though. Once they are accredited I think their student base will rise.

Here is a general question though, once they do become accredited, will individuals who completed the program previously be able to claim they received their degree from an accredited institution?

010101

It seems kind of embarising, more than something to have pride over.
'Yeah, I have a fake masters from X'.
I don't know why anyone would waste time and money getting a masters from somewhere like this.
It will never mean ANYTHING. If anything, it will make people look sideways at you.
Why not spend the same time and money getting it from a real school?

colemic

It's not a fake Master's degree... it just lacks formal certification. And you can't be serious, as far as wasted time and money - SANS certifications are at the top of the heap as far credibility goes.

Their biggest benefit to gaining accreditation is that they will open the financial floodgates of veterans now able to utilize their GI Bills for the degree... a degree that from a dollars perpective, is unattainable by most.

f0rgiv3n

I would love nothing more than to take their Master's degree program... But DAMN, the dolla dolla bills you'd have to throw at it is insane! Not only that, it's not accredited yet (like stated already)... Maybe once they achieve their accreditation it will attract a lot more individuals.

SephStorm

010101 wrote: »

It seems kind of embarising, more than something to have pride over.
'Yeah, I have a fake masters from X'.
I don't know why anyone would waste time and money getting a masters from somewhere like this.
It will never mean ANYTHING. If anything, it will make people look sideways at you.
Why not spend the same time and money getting it from a real school?

lol. People care about the orginization that awarded the credential, sans is well known, well respected. That is what will matter to most. I find it funny, EC-Council is in the same position with their Master's program, licensed, but not accredited, has been seeking it for years. They also claim they are working on an undergrad program.

NovaHax

Not for me!!! SANS is SO expensive.

SephStorm

Oh I agree with you on the cost. Near impossible for an individual. So unfortunate, they really could open up to lower income individuals by making online training less expensive. I do believe the prices are either exactly the same or very close. I did some research, you are paying about the same whether you go to an event, go online, or use a discount code. Basically something to the effect of if you get a discount, you are only getting off the price of the cert attempt, and if you go for netwars, you are back at the starting price. Its a nice scam for the company. (This isnt an attack on SANS, just some frustration. Everytime I think I have the time or funds to do it, I do an analysis of other training and often find I can get a course and all the travel and lodging expenses, or even 2 online courses for the same price.)

stryder144

samurai86 wrote: »

Yea I have heard they have been waiting for the accreditation for about 3 years or so. They have applied for it, that is the one issue (Although probably the biggest issue) they have. Their classes are practical and fantastic. A bit pricey though. Once they are accredited I think their student base will rise.

Here is a general question though, once they do become accredited, will individuals who completed the program previously be able to claim they received their degree from an accredited institution?

You can claim it but it wouldn't hold up under scrutiny. Here is why: your degree will be conferred on you on a specific date. If an employer checks the school website, it usually says something to the effect that it gained national/regional accreditation on such-and-such date. When you compare the two, they won't line up and the employer may either disregard the degree or throw the resume out.

I was going to get my degree from a college that was a regional candidate but chose not to. Several years later, I visited their website, curious to see if they had attained accreditation or not. Plain as day on their website was the message that the accreditation had been given on such-and-such a date and that all degrees conferred prior to that date where not regionally accredited, only nationally.

Having said all that, though, as long as you don't misrepresent the degree (i.e. mentioning that it is from an accredited institution when you received before accreditation occurred), the employer probably won't pay too much attention to the dates and will likely draw the conclusion that you got it from an accredited school, as most of the time they are just verifying that the school is accredited.

As usual, YMMV.

Cheers

the_Grinch

If they aren't accredited don't waste your time or your hard earned money. Close only counts in horseshoes and hand grenades. Plenty of very good schools that are the same price (or slightly less) that are accredited.

redz

SephStorm wrote: »

(This isnt an attack on SANS, just some frustration. Everytime I think I have the time or funds to do it, I do an analysis of other training and often find I can get a course and all the travel and lodging expenses, or even 2 online courses for the same price.)

I openly and freely attack SANS, actually. $999 to challenge an exam if you don't pay for a >$4000 course?

I paid slightly less than $999 to get both my CISSP and my CISSP-ISSEP.
$4000 for a week? I could pay for a semester - AND THEN SOME - of college with that money.

SANS preys on corporate funding at the expense of the individuals in the Information Security community; I consider them a societal detriment. I have no respect for them and no desire to pursue their certifications.

EDIT: To clarify, while inviting attack on myself like this, I have no respect for SANS. This is not to downplay or otherwise attack the credibility of the certifications they offer, which hold obvious value and are highly respected. This is purely because their business model is that of extreme greed. On top of everything else mentioned, $399 per four year ($99+ per year) renewal fees are also brash.

JDMurray

redz, there is no moral requirement for an Information Security organization to offer all of their training for free. SANS and GIAC have plenty of low-cost and free resources for InfoSec professionals to use and learn from. If the majority of potential customerd don't think their services are worth their asking price then SANS/GIAC will have no choice but to lower their prices. In capitalism this is known as "what the market will bear."

veritas_libertas

I would love to go for their Masters if it became CHEA accredited.

My employer sees no problem with what SANS costs. As JD said, if the customers thought the price was too high the cost would come down. SANS is not the only player in the INFOSEC training business.

redz

JD, I like you, and I respect you, but I honestly feel like you ignored everything I wrote simply because I despise SANS.

I didn't say there was a moral requirement to offer training, materials, or certifications for free. In fact, I never mentioned the word "free". I have spent ~$3,800 YTD in training materials and certifications, to include two separate week-long courses. This, however, has netted me the CISSP, ISSEP, CAP, ITILv3, some EXIN security certification, and a Marine Corps-specific IA certification (or two?). I'm no stranger to spending money on education, trust me. (EDIT: This does include materials I've purchased for the ISSAP, but not the exam costs)

Had I spent that same money with SANS, I could (almost) have a GSEC course, or challenge (almost) four tests without proper preparatory materials.

From the perspective of someone who has to self-fund my education, there isn't a piece of training in the world worth $4,000 for one week, because if it can be learned in one week, it simply isn't worth $4,000 to know.

I understand the capitalistic and economic sides of it, however the pricing scheme generally disallows people without company support from attaining certification. It is perfectly moral and ethical from a business standpoint, however it is still just a game of "screw the little guy" that is very much to be expected based on the people who built the company.

Due to that, I don't like them and I never will. I will continue considering them a bane on the community, forcing their names into the market through getting businesses (which have higher budgets than individual people, Veritas) to pay for training while price gouging those individuals who enjoy learning for learning's sake.

TL;DR: I AM NOT A COMPANY.

EDIT: I've veered this post off topic with my idealistic views about not screwing individuals to marginally increase the company's bottom line, and I apologize. I do honestly hope that SANS attains accreditation, though, because based on what I've read, they do have great course material for those whose companies pay for their educational advancement. I will still never spend, or have a company spend on my behalf, one cent that goes to them.

JDMurray

Point taken that you never said "free," but you do seem to understand that you are not the target market for purchasing SANS/GIAC products. It's like arguing that Mercedes should reduce the price of their $100,000 cars to a level that is affordable to more people. The solution is rather to buy a more inexpensive car from another manufacturer. Complaining instead that Mercedes is a "bane" is not anymore reasonable than playing a game of "screw the little guy" is a strategy that keeps them in businesses and profitable.

redz

JDMurray wrote: »

It's like arguing that Mercedes should reduce the price of their $100,000 cars

SANS is the luxury car market of Information Security certifications? When you're talking luxury car market vs economy car market, you're comparing two things of vastly different value (perhaps not as vast as the price differences, but still). If you're telling me the CISSP is equivalent to a Kia Optima and the GSEC is equivalent to a Mercedes, I'm going to have to beg to differ. That entire line of reasoning is largely flawed.

I'm going to walk away from this thread now, because I have no patience for companies I deem to be slimy, which (face it), SANS is, if only because they attempt to strong-arm everyone into taking their training.

EDIT: To reiterate - I'm not discounting the value of their certifications, the quality of their training, or anything to that effect.

JDMurray

I'm not sure where you inferred that I implied any comparison between GIAC and (ISC)2 certifications. The Mercedes is an analogy of something else that is very expensive that regular people cannot typically afford, yet the price remains high because there are some people who are willing to pay that high price for it and believe that it is worth the price they are paying. The same is true of the many organizations that pay for SANS training and GIAC certs.

I once talked with a CSO who told me he sent a group of his security people to SANS training that cost his department $40,000. When they returned from training, they quickly found security vulnerabilities in his business that could have easily cost his company $500,000 in losses had they been exploited. To his company, the tremendous ROI of the SANS training for his people was well worth the cost.

There are obviously some unstated factors in consideration in this argument that are hitting a nerve that I'm not aware of.

BGraves

JDMurray,

I see you mentioned they are supposedly 99% of the way to obtaining their accreditation and may have an update in the next month or two. Any idea where you found this information? Do you yourself actually believe this could happen within the time frame you mentioned, or is it another "three years later" kind of thing?

I'm very curious as I am very interested in the program but the lack of accreditation is a serious drawback for me. (Already burned once while pursuing my BS, my fault though, but still)

YFZblu

JDMurray wrote: »

I once talked with a CSO who told me he sent a group of his security people to SANS training that cost his department $40,000. When they returned from training, they quickly found security vulnerabilities in his business that could have easily cost his company $500,000 in losses had they been exploited. To his company, the tremendous ROI of the SANS training for his people was well worth the cost.

Great point.

Also, for those miffed by the cost of a SANS education but still want to attend, the Work Study program knocks the cost down to $900 - additionally the exam is free if one stays at the event hotel or lives nearby.

JDMurray

BGraves wrote: »

Any idea where you found this information?

Yes, in talking with several different people at SANS, each felt that the whole thing should be decided by December of this year. I don't know if that means accreditation was 100% assured and only the formality of paperwork remains, but that's probably the case.

SephStorm

I just want to comment. While JD is correct in saying that we individuals are not their customer base, it ignores a big issue, the information that their certs/courses cover is difficult to find elsewhere. I would have no issue with SANS' prices if I could find a comparable course to some of their less popular certs: GCWN/FW/IA/ED. I know, I know, some people find it reasonable to self study the information, but It simply is less reasonable for someone who has no support base, is working, and not working in the technology they want to learn, and to not have the benefit of talking to fellow seekers and/or instructors. Thats why I pay for courses, but there has to be give somewhere.

BGraves

JD, thanks for the additional information! I really would be excited to pursue their program if it does become accredited!

JoJoCal19

Looks like SANS might be prepping for the supposed upcoming regional accreditation. Their site with the info on the programs just changed within the past few days as I was browsing it a few days ago and it had the old setup with the list of the courses. Now all of the courses you have to take have been given a course name such as ISE 5XXX and everything is broken down into credit hours.

Check it out here:

MSISE: Master of Science Degree in Information Security Engineering

dhoelzer

I have no interest in debating the merits or perceived faults of SANS, but I thought you folks would be interested to know that SANS Technology Institute did in fact achieve accreditation in November: Masters Degree in Information Security - SANS Technology Institute