Well, in yet another move forward for ISC2, I had purchased a book for the CCFP certification and had planned to start self-study. Glad I checked the status, because they have already ended that program!
This cert has proven to be useless thus far (4 years in) and just a drain of time and resources. Game over.
@jsawyer773An interesting set of comments, but with insufficient information to process your claim or circumstances. This is rather like stating I am a certified Cisco Engineer, but actually I work for Juniper or Palo Alto. Can we at least have some more background, why the CISSP does not fit your actual situation or the why you came to this conclusion, so others can learn and advise others accordingly please?
Hoping you will participate?
To summarize, I was quite interested in the security field and was working a lot with security projects and implementations in 2011-15, so I thought the next logical step was to get the CISSP to accompany (and compliment) my technical project management background (and PMP).
After a few months of study and prep, I spent several hours on a Saturday taking the painful exam...and passed. Since that time I've dutifully fulfilled CPE and AMF responsibilities...reading articles, attending webinars, reading the ideological member magazine, and paying dues on time. Over my short 4 years of membership, I've watched ISC2 materials (magazine, webinars) become less technical and more watered down... and there is also a much heavier push to sell pricey seminars in Orlando and Washington, DC with the promise of "up to 16 CPE's".
Forget using BrightTalk webinars for CPE credits...your contact information will be captured and resold to multiple vendors who will call and email you mercilessly...but don't click on the "unsubscribe" links in their marketing emails...every security "expert" knows that! Alas, What's a member to do?
As far as my career is concerned, this cert has been more of a decorative "nice to have" that takes a lot of time and money to maintain (especially now after the recent hike) with a dash of marketing and ideology thrown in. I'm just mildly disappointed, that's all.
Thanks for listening.
OK, am biased as recently became an (ISC)² employee, although have held the CISSP since 2001. I do believe the Exams and Certification are valuable, informative and educational. They stay relatively current with real-world input and staying vendor-agnostic.
The behind-the-scenes effort that goes into Exam Development and refresh is incredible (and expensive). Serious workshops are held continually to review and refresh the content of all the Certifications. These workshops are comprised of Member volunteers from around the world and facilitated by third-party professionals in Exam Development, with each exam refreshed at least every three years.
I could go on about other areas that work to keep our Certification valuable, e.g., policing Ethics violations, etc. but will stop. Just saying, the fee doesn't just cover tracking our CPE’s, but also supports the entire Certification program. And am looking forward to more “free” educational offerings from the new Professional Development Institute.
@jsawyer773Thank you for being honest and candid: My intention is not to put you on the spot, but to understand your reasoning. Maybe I am a dinosaur, however, having been brought up in one of the most disciplined areas of information security - communications security, in the field, so to speak. I personally, like a framework, which keeps me honest, trustworthy and maintains my integrity especially in front of clients. So to me, knowing that I could be struck of the public register and my employers know this - it has always been a motivation to maintain my integrity, because being struck off, is similar to a Lawyer being struck off the Bar, or a teacher having their teaching license revoked. I put myself into places, in which the level of trust is always required and demanded; everyone experiences different reasons for obtaining the CISSP or SSCP etc. I maintain because I mentor others, plus the fact, I have to keep reminding myself from time the core principles, to ensure I keep myself on track or studying for an additional concentration.
It is a good set of principles and strong baselines, which acts as a launching point for tackling other disciplines, and study for example I have been studying Quantum Computers, which I am enjoying - but having those fundamental principles in the back of my mind, and knowing how to review holistically new situations despite the technology being pushed, has helped me personally.
Being a security architect, and having to set into the role of Project Manager from time to time, has helped tremendously in my career. It would be a very sad, time for you or others to depart, especially as we face a global security practitioner shortage, and demand is is going up for yourselves. Or maybe you don't see that demand where you are? Or maybe its time to look further afield and challenge yourself, not that I am advocating that you do so. All of us, whether we move between organisations every few years, or work within major global organisations, have journeys within, the motivation to challenge ourselves has to come within.
Keep those key skills, and put them to good use, they are definitely wanted.
Thank you for sharing your thoughts.
@miketcook @ Thank you for your perspective and encouragement too - we could all do with a little encouragement from time to time.
Sadly, it seems the only responses to my post are ISC2 employees that are desperately trying to defend the value of their certifications and by default, their organization as a whole. I think the whole thing has grown too big to defend, and is now out in the open for referendum. This is how things should be. I certainly hope other members speak up about this.