Some feedback for ISC2: I enjoy most of the webinars. It does require you to acknowledge that most are being provided from vendors that have your business to gain and exposes your contact information to them.
However, my issue is the extreme amount of spam solicition that comes back from this. My inbox increases by at least 25-30 or more soliication emails per day. It seems like I spend the better part of a month having to unsubscribe to all of these vendors. Some get atdded to a list in exchange, never to be able to communicate with my compay ever again. While some may not be coming from signing up for these webinars, I do notice a high volume uptick when I register for and attend one.
The issue is so bad that I registered a junk domain and email addresses that I don't use just to sign up for these (as it does not allow gmail addresses to be used).
Anyways, these are great for CPE opportunities and very snackable content for us that are maintaining certs and trying to stay current within the industry. That all for now!
As a longtime (since 2004) CISSP/(ISC)2 member, I have to say, it strikes me that some of what (ISC)2 does these days (and also their vendor/parthers, such as BrightTalk for webinars), undermines good security practices rather than espouses them.
I'll start with the password reset function. The email that goes out has no intelligent plaintext alternative, forcing a user to read in HTML. Even then, the link to reset the password is only contained as an external image. Not only is this poor design from a security standpoint, it is also atrocious from a usability and accessibility standpoint.
Then the BrightTalk form, why do I as a paying member of an organization, upon being logged into that organization's web site, then have to create a separate, prepared-to-spammed account with a third party? Again, security-wise, have those who run (ISC)2 ever heard of "attackale footprint?" Again, poor design from a security standpoint, but also atrocious from a member/affinity standpoint.
I get that members clamor for CPE opportunities, but turning back to the early days when the main member benefit was the InfoSecurity Professional magazine, that was a great resource and somehow we all managed to make our CPEs. I get that print costs encouraged it to move to an online-only form, but now it is nearly impossible to find the magazine on the site. The magazine appeared to be (ISC)2 generated content, vetted, well-laid out, and professional. Much of what is being put in front of us today seems akin to LinkedIN postings and vendor presentations.
I understand that as leadership changes so too does the direction of the organization. Perhaps this is a governance issue (a lot of change, too little strategic planning), but I would suggest the (ISC)2 focus on quality over quantity of CPE opportunities. If your idea of "exclusive" benefit is having me sign up on BrightTalk so that they can bounce my contact info to their marketing partners, I'd rather just go on YouTube and save the load on my spam filter.