Voting for the (ISC)² Board of Directors is now open! You're welcome to post questions for the candidates on this board.
In the meantime, you can read about the candidates background, as well as learn about what they hope to achieve on the board over on our website:
I'd like to start off the questions:
Mr Grayek: When the Board Slate was announced, I did a quick online search for you as I'm not sure we've ever met. When I attempted to validate your certification with the number you provided on LinkedIn, I got a null response. Have you always maintained your (ISC)2 certification or were you not "in good standing" when the Slate was announced?
Question for Mr Melnick: David, congratulations on being nominated on the Slate. There was some criticism from current and past Board members of another candidate (a previous Board member) who was attempting to get on to the Ballot. There was a bit of heated debate on the thread with some open and frank opinions on what added value past Board members could bring afresh.
Would you like to outline what your motivation is in running again after previous service on the Board, and what you feel you'd like to achieve now, that you couldn't before?
I've yet to go through the profiles, but I'll say one thing to the candidates now:
We're all hoping to see is active participation here by members of the BoD, so this is where you can start to show us the light...
I pay for my own annual fees to maintain my CISSP and the price increase was an affront, borderline unethical. This cert provides me an entry on my resume and a checkbox for the recruiter (sometimes.) Beyond that there is no value added anything to me and all the other CISSPs I know, which is substantial. In other words there is no justification for the price increase and anything said to support the increase is detached from reality on how the average CISSP uses the site and resources. This is a certification, nothing more, albeit a top tier one. I have countless certs and the maintenance fee for the CISSP now probably is more than all the others combined. I want to know which candidate supports realistic fees and I think others would like to know as well. It is really basic, I don't want double talk, or conditionals, or any other means of getting past a Boolean question. Will the candidate try to work towards reducing the fees back to something reasonable? Yes/No, 0/1, On/Off this is a direct question that requires a direct answer.
TrickyDicky, I appreciate the question. Following my service while I was a Principal at Deloitte in their Cyber practice. I resigned my partnership and started a company focused on striking a new balance between Security and Privacy which provided Unmonitored Web Browser Isolation allowing companies to provide employees with a private space to conduct personal web browsing which was fully isolated to create a low risk zone blocking downloads and uploads into the corporate network space. As you might imagine this was a bold idea for US CISOs that want telemetry/monitoring on everything, but helped solve problems in Europe where employees arguably have a right to privacy in the work place. Anyway to make a short story long... At the beginning of 2018 my company (Weblife) was acquired by Proofpoint where I am now. This event was somewhat life changing for me personally and led me to consider how I could give back to a profession and community that had given so much to me. This run for me is an act of service. I have the time and desire to offer my time and energy to try and create value for our community.
Diversity leads to better decisions... Period. Not just gender diversity, but diversity of culture, geography, race, etc. I didnt establish the slate, so cant speak specifically to that process but assure you that developing a pipeline of leadership and a diverse board is something I would actively support.
If all you want is a simple answer, at this point I would say NO. That might not be the vote getting answer, but I am not a great politician. We face a trade off between the services and efforts we undertake for the community (which require money) and our role as a Non Profit,i.e organization that is not designed to make a profit, which should never collect fees it doesnt require. The real questions become two fold: