Certifications (and degrees) are critical in many professions. For example, medical doctors, nurses, accountants, and professional engineers must be certified.
Many people in infosec have no related certifications or degrees. I certainly didn't have any certifications for the first decade+ of my infosec career. Fortunately my clients never asked and I had all the interesting work I could handle at great rates.
But certifications have become more important . . .
Clearly security certifications are not required for success today. Some of the smartest and most successful people have no certifications or degrees, and there is no shortage of certified idiots and incompetents, but . . .
and most people who hold Information Security certifications have learned valuable information and gained useful skills too.
Yeah, so I've learned some worthless drivel as well - nothing is perfect, and that certainly includes certifications.
I'll admit to holding over three information security certifications now, including the CISSP and GSEC, although I don't list a litany of alphabet soup initials after my name.
Ted Demopoulos, NIN (No Initials Needed, or CISSP, GIAC GSEC, GSLC Security+ etc. if you prefer)
Yes, I have a Security Certification or two or more . . .