There are many reasons.
First, the training offered by SANS is second to none. The GIAC certifications demonstrate real world knowledge (esp. the Gold levels).
Next, there is the added benefit of re-training.
GIAC certifications need to be renewed ever 4 years. In my case this is not exactly true as I have a couple GSE platinum level certifications. The thing is that even with the requirement removed, I still re-certify.
SANS has some of the best training for information security offered anywhere in the world. The benefits of training through SANS are too numerous to note in a simple blog post, but they are why I keep coming back.
At the moment I am re-certifying my G7799 and GLEG certificates. Once I complete these I shall move to my re-certifying in my GCFA. The former two I shall have completed by Dec this year, the later shall be re-taken by Jan/Feb 09.
As a GSE-Compliance, my G7799 is covered and I do not need to re-certify but for the GSE. The same applies for the GCFA that I shall do early next year. The GSE-Malware I sat in October covers this. The reasons are two-fold. First, they keep my skills sharp. Practice is the way to becoming a successful IT Security professional.
Just ask any of my staff, I make sure that they train. I have people doing the GCFA certification, the GSEC, G7799, GISP and other SANS training as we speak. In fact, the GISP is one of the best ways to train for the CISSP exam. I know, I have staff doing this now!
Next - and more importantly, the re-certification process gives you updated books and MP3 files as a part of the process. Next, the "On-Demand" bundle is offered for a minimal cost. These CBT (Computer Based Training) sessions are the best in the industry. You have the SANS instructors and fellows, the material and can learn in your free time.
Finally, the STI (Sans Technology Institute) offers a couple of Post Graduate degree qualifications. The Master of Science Degree in Information Security Management and the Master of Science Degree in Information Security Engineering are two of the best post graduate info-sec courseware masters degrees that are available anywhere and they incorporate the elite GSE certification as well to have you graduate as a professional who can be trusted to know the essentials from the start.
As for me, I shall continue to do more training with SANS and will keep working to have their certifications added into the courses at my local University (CSU). To this end, a Masters degree in Digital Forensics based on a combination of University subjects and industry certifications (including those from SANS) will be available soon.
As soon as SANS gets their new SEC 501 course offered online, expect to see me sign up. This looks a great extension to the SEC 401 offering that leads to the GSEC certification. Why not show that you have the 37337 (hacker 4 elite) skills to make it in the IT Security industry and at the same time meet a set of contacts that will help you throughout your career. Plan to take the training or challenge the certification today!
Next for me... The GIAC Secure Software Programmer - Java (GSSP-JAVA) certification and then the final GSE to complete the trio later in 2009. What better way to show that you know your stuff in secure coding! The GSE requires the GCIH, GCIA and GSEC certifications, all of which I have. One REAL benifit is that I will get the material for the GSEC before I take the GSE exam next year.
I have the GCIA and GCIH material already (though I am looking forward to seeing all the updates for they change regularly). I challenged the GSEC and thus do not have these books or MP3's. I guess this is something to look forward to.
P.S. I am not even being paid to say this.