cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
wimremes
Contributor II

An Open Letter to the ISC2 Board of Directors

Also publicly posted at https://www.linkedin.com/pulse/open-letter-isc2-board-directors-wim-remes/

 

Everybody makes mistakes.

Everybody deserves a second chance.

 

Over the past few weeks plenty has been written about the proposed Bylaws changes the membership is asked to vote on. As an engaged member since 2006 who has served with many of you on the (ISC)2 Board, I strongly disagree with most of the proposed changes but most importantly with the way they are brought before the membership. The absence of a strong rationale for every change and the lack of a clear plan, shared with the membership, to address the most impactful changes only add insult to injury. Many unanswered questions remain but you refuse to engage with the membership at large. 

 

It is very clear that a large number of members disagree with the proposed changes and they are making that very clear. Loudly, and publicly. Our association does not deserve the damage that has been done by a Board that seemingly lost connection with the core values of the association and its membership.

 

I have heard you talk extensively about good governance, setting up the association for success, and strengthening the membership. Your actions don’t match your words. Today we see that at least 3 generations of previous Board members, many current (ISC)2 members, (ISC)2 Chapters, hiring managers worldwide, and even governments are watching you and disagreeing with you. Your actions have hurt the association, its members, the industry, and the broader information security community.

 

You might see me as an adversary of the association because I disagree with you. I can assure you I am not. I am a member exercising my member rights while I can. It is my duty to share why I disagree publicly and relentlessly. In any other case I would be acting counter to my promise to advance and protect the profession, made when I signed the (ISC)2 Ethics Charter back in 2006. As long as I am a member, I will always act in the interest of the association, putting its members first.

 

As some of you have stated in different forums, Bylaws changes are needed for any organization, non-profit or otherwise. They are, however, rarely drafted in isolation, not familiarized with the membership, unsupported by a plan of action, without consideration of the association’s fundamental raison d’être, and submitted for an “all or nothing” vote on an extremely short timeline.

 

I call upon you to do what is in the interest of our association, its members, and our profession:

 

  1. Withdraw the current proposed Bylaws changes.
  2. Organize a broad consultation with the membership to redraft Bylaws changes.
  3. Publish amended Bylaws with a strong rationale and, where applicable, a plan to implement the desired changes.
  4. Submit the amended Bylaws on a per amendment vote.

 

I, and many members with me, remain available to work with you in the interest of our association. With an emphasis on “our”.  You may not like me but we all are asked, by our association, to adhere, and be seen to adhere, to the highest ethical standards of behavior, out of duty to eachother.



Sic semper tyrannis.
9 Replies
DHerrmann
Contributor I

I proudly voted "NO" and encourage others to do the same.
dcontesti
Community Champion

It should be noted that during the  (ISC)2 Town Hall, Zach Tudor (1:05 to 1:06) clearly states that as a result of the changes made, he will never be able to run for the Board again.

 

His comment, makes it sound like the new by-laws are a slam dunk and there is no need to vote.  I am flabbergasted by this.

 

AGAIN, VOTE NO on the by-law changes.

 

 

tparker
Newcomer II

Thank you for speaking out with such clarity. 

 

It feels like the board has lost touch with its membership, and that the membership has lost touch with the board. I hope there are enough folks still engaged to allow a course correction.

JoePete
Contributor III


@wimremes wrote:

Your actions have hurt the association, its members, the industry, and the broader information security community.


As harsh as that statement may be, it is the one that resonated most with me. As security professionals, our "house" is supposed to be in order, and it's not. It's almost apropos that as this discussion goes on, elsewhere the spambots are invading our "community" here. At the top, at the governance level, we are seeing a dilution (or delusion?) as to our mission and its process. And here at the member level we have seen our tight affinity give way to pedestrian annoyances.

DHerrmann
Contributor I

I wouldn't term them "pedestrian annoyances". I consider this vote essential to continue ISC(2)'s ability to survive. Only a "NO" vote will allow OUR organization to continue to operate as an ethical, focused, member-focused body. A "yes" vote moves ISC(2) to a cliff without an ethics board, limited member participation, and what I see is a move to become a for-profit entity.
JoePete
Contributor III


@DHerrmann wrote:
I wouldn't term them "pedestrian annoyances". I consider this vote essential to continue ISC(2)'s ability to survive. Only a "NO" vote will allow OUR organization to continue to operate as an ethical, focused, member-focused body. A "yes" vote moves ISC(2) to a cliff without an ethics board, limited member participation, and what I see is a move to become a for-profit entity.

I was more referring to the spambots - and with no intent of offending anyone - we seem to have been flooded with a lot of "I have no experience. How do I become a CISSP" type posts lately. I think that speaks to the nail you hit on the head - the (ISC)2 board and management have moved us toward a model where the members are more the customers than the owners. How ironic that we are now getting flooded with ads to "buy" a certification?

 

I like your summation of the vote. From my view, we've already started down this road and the board and management are just backfilling some bylaw changes. Put another way, I don't see a NO vote by itself changing the direction of things. Given that the board and management have bestowed upon themselves a monopoly on the use of the organization's mailing list, and have used it to urge a YES vote, those of us of a different persuasion may be tilting at windmills. There may be a bit of economic entropy at work here, I think. We started as a clear organization with a clear mission, but you start making money, hiring management, who undoubtedly sees their job as making more money, and the mission starts moving toward disorder (or dare I say a "new" order). Along the way, we, the owners/members become disenfranchised, and part of that is through bylaw/governance changes. 

wimremes
Contributor II


@JoePete wrote:

@DHerrmann wrote:
I wouldn't term them "pedestrian annoyances". I consider this vote essential to continue ISC(2)'s ability to survive. Only a "NO" vote will allow OUR organization to continue to operate as an ethical, focused, member-focused body. A "yes" vote moves ISC(2) to a cliff without an ethics board, limited member participation, and what I see is a move to become a for-profit entity.

I was more referring to the spambots - and with no intent of offending anyone - we seem to have been flooded with a lot of "I have no experience. How do I become a CISSP" type posts lately. I think that speaks to the nail you hit on the head - the (ISC)2 board and management have moved us toward a model where the members are more the customers than the owners. How ironic that we are now getting flooded with ads to "buy" a certification?

 

I like your summation of the vote. From my view, we've already started down this road and the board and management are just backfilling some bylaw changes. Put another way, I don't see a NO vote by itself changing the direction of things. Given that the board and management have bestowed upon themselves a monopoly on the use of the organization's mailing list, and have used it to urge a YES vote, those of us of a different persuasion may be tilting at windmills. There may be a bit of economic entropy at work here, I think. We started as a clear organization with a clear mission, but you start making money, hiring management, who undoubtedly sees their job as making more money, and the mission starts moving toward disorder (or dare I say a "new" order). Along the way, we, the owners/members become disenfranchised, and part of that is through bylaw/governance changes. 


Oh ... I thought renaming Member Services to "Customer Excellence" was just a coincidence.



Sic semper tyrannis.
TrickyDicky
Contributor II

@tparker wrote:

It feels like the board has lost touch with its membership, and that the membership has lost touch with the board. I hope there are enough folks still engaged to allow a course correction.

 

The engaged membership are here, on the Board-approved Community discussion forum, willing to engage.  It's a pity that none of the ISC2 Board ever show up (unless they're seeking election (which will never happen again))!

tparker
Newcomer II


@TrickyDicky wrote:

 

The engaged membership are here, on the Board-approved Community discussion forum, willing to engage.  It's a pity that none of the ISC2 Board ever show up (unless they're seeking election (which will never happen again))!


There are engaged members both here and at the less official places. However, there aren't enough to get the board members attention. Sure, it's been enough to get a board seat here-or-there over the years, but the new bylaw changes will make sure that never happens again.

 

What's striking is the complete lack of support from the membership for either the changes or the board's slate of candidates. A lot has been written by members about why the changes are bad, but I haven't seen one word from members about why the changes are good.

 

There's no illusion of support or of a divided membership. (ISC)2, meaning the members, do not want this to happen and (ISC)2 leadership seems to feel no pressure to listen to its members.