I currently hold eight active certifications: CISA, CISM, CISSP, CEH, PMP, PSM, CCA, CCP, and ITIL. I’ve also let four lapse over the years – CCNA, CFCM, Security+, and Network+. Not because I failed to maintain them, but because they’d done their job and my career had moved past where they were needed. Letting a cert expire on purpose is its own kind of decision, and I don’t regret a single one of them. It does cost money and time keeping certs.

Here’s the part I want to be upfront about:

I didn’t bootcamp my way through any of these.

No weekend crash courses, no test dump memorization, no shortcut path. I bought the books, built the study plans, and put in the hours myself — nights, weekends, whatever time I could carve out around a full-time job and a life outside of it. I passed almost all of them on the first attempt. CEH took me two tries, and I’ll own that one without excuses.

Note: Some certifications require a class or they make it very difficult if you don’t have the class. CEH doesn’t have a mando class, but you end up paying extra for the certification exam if you don’t pay for the class – so the class is essentially free. The class is mandatory for the CCP and CCA.  Classes and bootcamps are differnt.

Do I believe in certifications?

Yes and no.

Yes, because they gave me a path. A certification exam is a forcing function — it tells you what “complete” looks like and gives you a deadline to get there. Without that structure, self-study has a way of wandering. I know more today because I had a goal on the calendar that made me learn it properly instead of learning it “enough.” It does make you more marketable – depending.

No, because a certification is not the same thing as being a subject matter expert (SME). It never has been. Passing an exam proves you can pass an exam. What you do with that knowledge afterward — in the field, under pressure, with real systems and real consequences is a completely different measure. I’ve earned eight  of these things, and I still wouldn’t call myself a SME on any of them without adding “and here’s what I’ve actually done with it” right after.

A story that’s stuck with me for years

Back when I was studying Cisco networking, I hit a wall on loopback interfaces — specifically Loopback 0 (zero) on a Cisco router. I didn’t fully understand it yet. That’s fine; that’s what learning is for.

I was working through it out loud with coworkers in the cube farm when someone walking by overheard, stopped, and jumped into the conversation with a confident, fully-formed answer.

It was wrong, way wrong.

Here’s the thing. I didn’t know what Loopback 0 was yet, but I knew enough by that point to recognize what it wasn’t, and his answer wasn’t it. I later found out she’d taken a bootcamp a few weeks earlier just to get the cert checked off. She’d never touched a piece of Cisco equipment before that class, and as far as I know, she never touched one again.

That moment has stayed with me because it’s exactly why certifications get a bad reputation in some circles. Not because the exams themselves are worthless, but because a cert earned purely to pad a resume – with no hands on time before or after creates people who can speak the language fluently and understand none of the grammar. And when that person is confidently wrong in front of someone who’s actually doing the work, it damages the credibility of everyone who earned theirs the hard way.

Where I land

A certification is a floor, not a ceiling. It’s proof you were willing to put in the structured work to learn a body of knowledge — nothing more, nothing less. What you build on top of that floor, through actual experience, actual failures, and actual repetition, is what makes you someone worth listening to in a cube farm conversation.

I earned mine one book, one practice exam, and one long night at a time. That’s the only way I know how to do it, and it’s the only way I’d trust the letters after my name to mean something.

One very important “pro”

Here’s a practical point that often gets lost in the “are certs worth it” debate: many companies will reimburse you for work-related certifications. A good number of mine were paid for by my employer at the time.

That means, in a lot of cases, you’re not just gaining knowledge — you’re getting paid to become more valuable professionally. Every company handles this differently, and what’s covered varies widely. But if this is a benefit available to you and you’re not using it, you’re leaving money on the table.

 

My Proudest Cert: CISSP. Why, It was a six hour exam when I took it, and I only needed four hours. Although I had answered all the questions with two hours to spare, I was confident I didn’t pass, And if I didn’t pass, it would not be reimbursed ($599.00).

Longest on my “Bucket List”: CEH. I want the cert since before my PMP, actually all my certs. I purchased the All in One certification books several times over the year, but another cert got in the way. So a couple years ago, I had nothing on my plate, and my employer was willing to pay for the Class/Cert package.

Most Memorable: CCA. I earned the CCP/CCAs during and after my DOGE related layoff last year. It was one of my goals while unemployed to adapt to the changing landscapead.

 

Doug Was Built Not Born.