> dpark75 (Viewer) posted a new reply in Member Support on 01-24-2019 05:25 PM in

>   We have the power here. We must come together and exercise that power.

CISSPs of the world, unite! You have nothing to lose but your AMFs!

Unfortunately, I doubt we have much power here. Of the 130,000 or 140,000
CISSPs there are, roughly a third of them work for the US government, and have
to have the certs to hold their jobs. While that may seem ironic during a
government shutdown, ti does, nevertheless, mean that, as one person said, even if
ISC2 charged $10,000 for AMFs, you have to pay them to keep your job. Even if
everyone else left, by raising the rent and dropping the tenants, they still get to
make half the money, for a lot less work.

Then there are those who get to have their employers pay for the cert, and the
AMFs. They aren't going to care much, either.

So, that leaves those of us who do have to pay AMFs out of our own pocket. And
I'm quite certain that, in my case, ISC2 would be just as glad to see the back of me.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@vcn.bc.ca slade@victoria.tc.ca rslade@computercrime.org
Security, like correctness, is not an add-on feature.
- Andrew S. Tanenbaum
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://is.gd/RotlWB

I think your link had some extra characters. This should be good

 

I agree with dpark75.

 

I have already reached out to several clients that I am assisting in filling security positions, and had discussions regarding the perceived value of the ISC2 certs.   They have universally agreed with me and will no longer include the CISSP as a job pre-requisite.  I also work with several cybersecurity graduate students that have come to me for guidance in advancing their careers.  ISC2 will not be in those conversations.

 

I am an older guy and I recall a similar scenario with Novell with their CNE cert.  As it got watered down, companies de-valued the certificate.  Hopefully one of those 6 figure executives will see that ISC2 does not have a product without it's members.

 

RIP (ISC)2

 

 

Wayne, you mean the "paper CNE" effect, which became the "paper MCSE". The constant push to expand membership and not to better the profession... seems to be exposing itself yet again.

 

Until yesterday, I'd tend to enthusiastically recommend the CISSP to friends / colleagues, so it'll be hard to suddenly change my stance. To soften the blow, I'll go like something like this : -

 

The CISSP certification is a must-have --- at least, you'll feel that way at the start. You're likely to get posted in a good organization, hopefully one that will bear the costs of your AMFs. Earn more certifications from (ISC)2 & there won't even be additional AMFs; just keep in mind that the examinations aren't free.

 

Once you're certified, you'll face the ultimate test. Unlike other organizations which only require that you earn CPEs to maintain a certification, (ISC)2 challenges holders to 'hack' their way into its portal and add these using their own judgement. (To ensure high standards, your CPEs may be audited --- but if any are flagged, you just have to earn more)

 

To ensure members stay sharp, (ISC)2 may intentionally create errors when you attempt to pay your AMF --- once you report this everything should be okay. Failing to noticing this is no cause for concern, so long as you're ok paying a double amount later on.

 

It may not be a win-win situation --- but (ISC)2 definitely wins.

 

 

I'll try to keep a cheerful face when I'm saying all this, and if the person feels compelled to take the CISSP after hearing it, I'll know I should have been an actor... 

 

 

 

 

 

---

@Caute_cautim wrote:

Can we please have a justification for the increase and the benefits to be gained from the boards perspective?

---

 

For now, I'm going to assume (ISC)2's board did a cost-benefit analysis that somehow yielded the following results: -

 

Proposal: Remove the requirement to maintain AMFs to individual certifications --- by increasing the base AMF amount.

 

Cost:

1. CISSP holders reacting on the (ISC)2 Community.
2. A global outcry from CISSP holders.
3. CISSP holders abandoning their certifications.

Benefit:

1. Additional income, to compensate for no profits being made.
2. Motivation for members to obtain more certifications from us.
3. Reason for members to be more diligent when accruing CPEs.
4. Increased participation on the  (ISC)2 Community.
5. The voice of CISSP holders being heard globally.
6. A means to be on the same level as ISACA.

Verdict:

1. Cost 1 is negated by Benefit 4
2. Cost 2 is negated by Benefit 5
3. Cost 3 is negligible, as many positions mandate holding a CISSP.
4. The benefits --- particularly Benefit 1 --- outweigh the costs

(For all we know, they may have just tossed a coin to accept such a proposal)

 

On a serious note, a justification by (ISC)2 is needed. I'm also wondering if it would be feasible to opt out of member benefits to get the cost reduced --- the only thing that matters to me after this AMF hike is the certification, given that other resources are usually available elsewhere, often for free...

 

 

Yeah at least ISACA let you pay a reduced 'admin' only fee to keep your certs valid without the so called 'member benefits'.

I would not be surprised if a legal challenge is being considered against this price increase and the ISC2 board; possibly crowdfunded by the members.

Some people will accept the hike, some people will leave ISC2, and some may fight it.

Why would you say that out loud.   For crying out loud, don't give them any ideas of further increases.