Thank you for sharing your perspective and trying to address my concerns. I completely understand and resonate with your points about the challenges faced by newcomers breaking into the cybersecurity industry, particularly concerning the ISC2 program. While ISC2's program does spark enthusiasm and interest in the field, it's crucial to acknowledge the hurdles individuals encounter upon reaching the door, only to find it closed.

As someone new to the field, I wish that ISC2 waives the annual fee for CC certification until it gains wider recognition. Hands-on skills are vital for entry-level roles, and additional costs like joining ISC2 communities can be burdensome. Instead of solely focusing on revenue, ISC2 should prioritize offering free training and free professional guidance. I believe tailored programs for CC holders and newcomers can attract more individuals and empower them to succeed.

I appreciate the opportunity to voice my concerns and hope ISC2 will seriously consider implementing changes that better support newcomers like myself.

Thank you and I'm open to correction from those with more experience.

My story follows a similar path.

 

• I targeted CISSP initially.
• Then, I came to know about the CC certification's existence.
• Decided to work on CC first and achieved it a couple of months earlier.
• Now have decided to take a couple of more certifications from the EC Council before moving back to CISSP.
• This is after I realized that these certifications will not only provide more value to my targetted career path but also will eventually help in CISSP preparation.
  
  Hoping to finish all 3, one by one, within 2024.

I am supporting this.

I am supporting medeng on amf waiver for CC as this is marketed as free examination and as this is entry level

@Pragatiswaran

I think there are a few nuances on this conversation to consider, and this will take some time so please bear with me. It would be nice if it really was free as in beer(at least we’ve got free as in speech), however don’t hold your breath. 😉

The first comes down to whether you have experience in IT or even cybersecurity.

If you do and it’s relatively easy to get a job the cost isn’t so great and in any case you eve a better chance of passing due to existing knowledge - this isn’t really where ISC2 is focused but folks in thread are finding benifit in a pre-CISSP workout.

The second group are folk without experience. As CC gets more people take it there will be more pickup use in market / it’s going to take a while but eventually it might look like a natural first step before Security+(most people looking for a first job are considering that or executing on it, two really strong things CompTIA has a lot of recognition and hands on. So bigger than the fifty bucks is the opportunity for cost CC or Google then CompTIA(the discount I think is helpful), finding test centers etc. Personally I’d like to see less fragmentation and organisations working together on a first step - ISC2, CompTIA, ISACA with MS, Google, Amazon and others would be really compelling and complement each other.

Waiving the AMF might sound nice…:) however I’m not sure it’s sustainable let’s say a free exam costs say 30 USD to ISC2 and that needs funding - as a non-profit ISC2 has to have transparency on its accounts and it has a lot of mouths to feed on its wage bill and other expenses:

https://www.isc2.org/-/media/Project/ISC2/Main/Media/documents/annual-report/ISC2-Annual-Report-2022...

It’s a shiny PDF but like all of these things the important stuff is at the back with not that many colours so it doesn’t look too interesting.

Now it’s got a lot of assets, however I’m pretty sure it needs the 50 USD per user per year(PUPY) to stay on an even keel and there is a lag of 1-2 years on the audited financial reports. One million CCs would be a nice little earner 50M USD, however getting there probably isn’t easy and there are costs for every new candidate. Non- CC members, the legacy are mostly CISSPs and there are not that many compared to the number of free exams, also got a +10 USD PUPY bump to AMFs that wasn’t communicated much if at all apart from when we paid AMF and OSC2 has been reminding us via lots of email 4-5 months in advance last time AMFs went up(if you had more than one certification you got a discount - kerching in the bank!:D) there was much wailing and gnashing of teeth in the membership), so leaning on legacy members who are already mid-career to fund CC candidates. It will be interesting to look at the 2023 and 2024 financial statements(especially if ISC2 starts publishing proper member counts again - at least to the membership) to see what the costs of CC exams, marketing administration etc are.

Let’s go to the denouement. Just as a 50 USD PUPY from 1M peeps would a lovely income stream let’s imagine a world in which lots of people take it, fail and then say that was a great workout for Security+ or even CISSP in five years time.ISC2 is paying for those exams, cost of marketing, more staff etc - maybe it needs to fork out 40 USD per client it wouldn’t look good. Now imagine it waived the AMF fee for the whole 1M(not going to happen I’d say but if you did it for one, you’d probably have to do it for everyone). At the very least It wouldn’t look good in the accounts, and for this reason even though all those numbers I use are fictional, I think it’s very likely a non-starter.

Personally I used to pay much more for ISC2 certs and the IAAP manage to shake me down for 250 USD per year for membership, so fifty bucks really isn’t too bad for starters and if it doesn’t bear fruit, I.e. no job just don’t renew after the initial or subsequent year) or it serves its purpose and your are straight at lucrative industry/infinite possibilities land and then you might even choose to not renew as it did what you wanted.

In any case best of luck, and in the end it’s always about the journey.