Reform candidate Dave Lewis has been elected to the (ISC)2 board of directors. The security certification body, which administers the Certified Information Systems Security Professional (CISSP) qualification, has about 80,000 members worldwide. Four of the 13 seats on the (ISC)2 board were up for election this year; one of the …
Don't forget the CPEs
Gave up my membership years ago when the downturn meant that the £2000+ courses required to get your quotas of CPEs became thinner on the ground. You could top them up with endless vendor meetings, but eventually even the vendors gave up when you bought nothing. You were only allowed to read one book a year.
Being CISSP gave me a certificate and ... and somewhere to register my CPEs.
Forget the CPEs
And have the pleasure of splashing £440 every 3 years for the delights of the 6 hour multi-choice exam. At least that forces you to revise - and means an average annual cost including membership of circa £200.
A while back, I (with no formal IT qualifications) was called in to fix and secure a server / site that had been hacked. The site advertised the professional IT security services of someone boasting the following:
CISSP (Certified Information Systems Security Professional)
AIISP (Founder-Member of Institute Information Security Professionals)
MCSE (Microsoft Certified Systems Engineer)
CCSA (Checkpoint Certified Security Administrator)
CSSA (Certified SonicWALL Security Administrator)
CFSA (CyberGuard Firewall Security Administrator)
WCSP (WatchGuard Certified System Professional)
This well-qualified individual had left phpmyadmin in an obvious location with no mysql root password set. In addition it turned out that remote desktop was running (Windows server) and the Administrator password was his wife's maiden name - six letters long, all lower-case, and a dictionary word.