Information security certifications have been around for more than two decades, and hundreds of thousands of professionals have attained them. As the industry matures, many academic institutions now offer bachelor and advanced information security degrees. Should the infosec community continue to support these certifications or should we encourage a more traditional academic approach?