ISC2 Community Guidelines
Welcome to the ISC2 Community!
Our online Community is a place for cybersecurity professionals – including ISC2 members, non-members, certification candidates and others – to connect, collaborate and share knowledge and best practices related to the very broad topic of security. This encompasses discussions around new technologies, best practices, new regulations, professional development, the challenges and opportunities facing the cybersecurity workforce, ways to make the most of your ISC2 certification and membership, and much more. We would like to keep this Community a place for appropriate cybersecurity topics and encourage all off-topic discussions to be held elsewhere.
We want you to enjoy and find value in your experience as an engaged Community member. Please respect the guidelines and usage policies. The guidelines below, as well as the ISC2 Code of Ethics, are your guide for determining what is appropriate to post or comment on the Community. The Community is intended to be a forum for peer engagement, positive discussion and constructive advice. We expect all users to maintain a tone of professionalism in all Community interactions.
Community Guidelines
This Community is supported by ISC2 Administrators and Moderators, who are clearly identified within the Community. The guidelines below were developed to ensure the Community serves the purpose outlined above and creates a professional, safe and rewarding experience for all participants. ISC2 reserves the right to edit or remove any content in violation of these guidelines. Community users who violate these guidelines may also be subject to further action up to and including a permanent ban from the Community. At the sole discretion of ISC2 staff, users in violation may receive warnings prior to a permanent ban, but clear, blatant violations may be removed immediately, and any offending users banned.
- Open Forum
- One of the primary purposes of this Community is to raise awareness for cybersecurity issues and the profession. As such, this is an open forum. Post on the community knowing that what you share is viewable by the public and search engines. Only a limited number of closed groups are private and not visible to all users, including non-registered Community members.
- Only registered Community users can post messages. Create your Community account.
- Community users often share personal experiences and might offer peer-to-peer support. Keep in mind, that these are personal opinions and do not necessarily represent the position of ISC2. Questions requiring a formal answer should be directed to ISC2 staff. When answering questions regarding ISC2 policies or procedures, it is best to link to the appropriate ISC2 policy page and not try to summarize or paraphrase ISC2 policies as it can risk misunderstandings. It is fair to share your experiences and offer sources of support (such as emailing membersupport@isc2.org or flagging a Community manager), but ISC2 staff are aware of the latest policies, procedures and systems status, and are best equipped to officially and accurately address questions on the Community.
- Our Community Champions are here to encourage current and future members and to share their extensive expertise in information security to help facilitate discussions. We appreciate the support they volunteer to help the Community, but please respect their time and direct member and candidate support questions to ISC2 staff.
- The Community is a forum for honest, constructive discussion about the ISC2 association, including governance, processes, policies and systems. Be mindful tha tISC2 members are the heart of the association. Everything ISC2 members post on this forum is an extension of the association. Help your association grow and thrive by being a welcoming and helpful place for members, certification candidates and interested parties looking for solutions to today’s security challenges.
- As an open forum, community users respond to questions/posts with advice on topics. While we will attempt to correct any misunderstandings or outdated advice,ISC2 is not responsible for inaccurate information posted. Regarding questions about ISC2 policy and practices, we recommend users refer directly to the policies and procedures page.
- Protect Privacy
- Don’t share any information about yourself or your organization you do not want made public. Do not share personal information. Personal information includes your home address, full name, ISC2 member/ID number, credit card numbers, social security numbers, email address, etc. In addition, do not request the personal information of other users. Keep in mind, as with any online forum, that even the Community’s Private Message function is no guarantee of privacy of your online exchanges.
- If you have any issues with your ISC2 account, contact Member Services with your specific issue, account number and contact information at membersupport@isc2.org or visit www.isc2.org/contact-us for additional resources.
- In the course of your interactions with ISC2, you may come in contact with staff members through various communications channels. Do not publicly share the email addresses, phone numbers or other information about ISC2 staff other than their user profiles on the Community. When addressing association issues, do not identify specific staff members you feel may be responsible. Please escalate issues through appropriate channels and through Community managers.
- ISC2 reserves the right to promote posts and conversations in public discussion boards within the Community on other channels such as Twitter, LinkedIn, Facebook and its magazine InfoSecurity Professional to help encourage more diverse input and awareness about topics.
- Notification emails (such as responses or kudos to your post) will be sent from community@notifications.isc2.org.
- Honestly Represent Yourself
- Have fun with your username and avatar; however, remember this is a professional forum
- Do not purposely misrepresent yourself
- Do not impersonate other people, including ISC2 staff
- Do not use copyright-protected photos for your avatar
- Be Respectful
- Respect others’ time and attention with well-thought-out questions and discussion by keeping your tone positive and maintaining constructive criticism. Personal attacks or criticism of another’s abilities will not be tolerated. Insults, swear words, vulgar language, legal threats, controversial political statements, discriminatory remarks, ridicule, and/or illegal content is not allowed.
- Attempting to deliberately circumvent moderation tools and content filters in place to prevent inappropriate content is counter-productive and disrespectful of an administrator’s time. It will not be tolerated. Redacting or obfuscating offensive words when discussing threats and tactics used by threat actors is an appropriate way to address these valuable topics and information sharing.
- Be Relevant
- Keep discussions relevant to our Community’s mission and specific topic areas. Search to see if your question has already been posted to avoid duplication. If you are unsure if a topic is relevant to the Community, please do not hesitate to ask one of the Community team members at community@isc2.org. Do not reply with off-topic comments; instead, create a new post and link to the original if needed. Don’t post the same message in multiple areas.
- External links (including those in a signature) should only be posted when related to the content in the thread and not link to irrelevant or off-topic content
- Professional signatures including your name, certifications and link to your Acclaim badge or a reputable professional network like LinkedIn are permissible
- Be Lawful
- Do not any violate any laws or break any contractual agreements you have made (copyright, trade secret, nondisclosure agreements or others)
- Adhere to ISC2 Exam Confidentiality
- Discussing ISC2 examination items, answers and responses with other individuals is a violation of the ISC2 Examination Non-Disclosure Agreement that is signed prior to taking an ISC2 examination. Any posts related to this will be removed, and users found to be in violation may face penalties.
- General discussions about exams that do not share specific exam items are permissible. We encourage Community members to help candidates prepare themselves for success and share their own experiences without disclosing any information that could compromise the integrity of the exam process.
- Be Responsible With Vulnerability Disclosures
- This Community is not to be used as a forum for public disclosure of vulnerabilities. Ethical disclosure is important; however, this Community is not the appropriate place for original disclosures. Appropriate locations include places like bugcrowd.
- It is appropriate to discuss publicly disclosed vulnerabilities and how security professionals should respond.
- Promote Ideas, Not Products
- Solicitation or advertisement of goods or services in posts, links, private messages, or any other means of communication is prohibited, and Community users who violate these guidelines may also be subject to further action, including a permanent ban from the Community.
- Be Concise
- Lengthy posts can be intimidating on a forum and might discourage people from reading. Summarize your thoughts or question into a short paragraph with a few points to start a discussion within the Community. When reposting information from a blog, contributed article, or other information, provide a brief overview and include a link to the original source. We require compliance with “fair use” when reposting.
- Be Vigilant.
- Flag inappropriate content if you notice anything that violates these guidelines. To flag, use the menu at the top right of a post and select “Report Inappropriate Content.” It will be reviewed by a Community team member. In addition to flagging content that is vulgar, hateful and/or off-topic, this extends to non-helpful, ridicule and baseless jokes as well. This Community is intended to be a tool for cybersecurity professionals to work together to solve problems. When in doubt, refer to our Code of Ethics Canons:
- Protect society, the common good, necessary public trust and confidence, and the infrastructure
- Act honorably, honestly, justly, responsibly, and legally
- Provide diligent and competent service to principals
- Advance and protect the profession
- Escalate Issues Responsibly
- Alert the ISC2 Community managers to any issues you are experiencing or send an email to community@isc2.org.
- Members and certification candidates seeking assistance should contact membersupport@isc2.org for assistance.
-
Enforcement of Guidelines
- By using the ISC2 Community, you agree to the above stated guidelines, as well as the Website Access Policy for the ISC2 Community. Content that violates the Website Access Policy or the Community Guidelines will be removed or edited. Users violating Community Guidelines will be warned. If users continue to violate guidelines, they will face a temporary, 30-day ban. If violations persist after reinstatement, users will be banned permanently. Hate speech, personal attacks and spam posts will not be tolerated, and may result in the permanent ban of the user immediately and without formal notice.
ISC2 Employees
ISC2 employees will be properly marked by a lime green icon containing the word “ISC2". These are members of the Community who will share their knowledge and expertise on ISC2 products and services.
By using our Community, you agree to these rules, as well as the Website Access Policy for the ISC2 Community. Content that violates the Website Access Policy or these rules will be removed, and violators may be banned from using our Community.
Questions?
If you have any questions about the Community or are unsure about any of these guidelines, please feel free to reach out to anyone with the ADMIN (Administrator) tag next to their username, or email community@isc2.org.
UPDATED: October 2020
These guidelines and policies are subject to change at the discretion of ISC2.
ISC2 Community Manager