cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
StephenPullum
Viewer

ISC2 CISSP Diversity and Inclusion In This Virtual Age

Hello, my name is Stephen Pullum. While currently not a practicing CISSP, I did obtain my certification in 2001 with Certification number of 28519. I am Black and while there is a lot of diversity in the ISC2 community now, there was not back then. I get asked a lot about who was the first Black CISSP because there was not a Community Board back then and if you did not really participate in you local Chapter there was not really much communication. This is not a racial question but a motivational one mainly because I was "hacking" in the Craft since 1982, joined the USAF in 1984 and did 27 total years. Younger Black cyber practitioners are asking me about the foundation of the Craft and historically where did Black people started becoming cyber certified. That is a valid question since in this day and age people pursue certification like it is something new!! 

 

Did ISC2 track that metric of diversity back then? I have a low certification number and though not in the first 1000 certified ever, I really would like to know historically. Can't be too many Black CISSP's before me.

 

Be Blessed and Be Safe!!

 

Stephen Pullum

6 Replies
rslade
Influencer II

> StephenPullum (Viewer) posted a new topic in Welcome on 12-19-2020 02:52 AM in the (ISC)² Community :

> While currently not a practicing CISSP, I
> did obtain my certification in 2001 with Certification number of 28519. I am
> Black and while there is a lot of diversity in the ISC2 community now, there
> was not back then.

Ah, but there was the original CISSPforum. (Which we replaced:
https://community.isc2.org/t5/Welcome/CISSPforum-replacement/m-p/11006 )
Some of the *really* old guard are there, and you might want to ask them.

> I get asked a lot about who was the first Black CISSP
> because there was not a Community Board back then and if you did not really
> participate in you local Chapter there was not really much communication.

Well, if you are talking about communication with HQ, there never was all that
much, but there *were* no local chapters back then. In any case, I'm sorry I can't
help you for sure because most of my colleagues and friends are virtual, and I have
no idea what colour (and sometimes even gender) they are.

I do recall teaching a seminar back about the time you got your cert, and one of
the candidates with a high skin melanin content, when asked about what he would
do in a difficult situation, said that he would simply blame it on "The Man," which
got a big laugh. It might have been in the same seminar that we had a female
candidate, of similar skin hue, who was a genuinely disgruntled postal worker. (We
were *very* careful about discussing physical security in that seminar.) I do recall
a couple of seminars slightly later where *all* the candidates were black, but that
may have been because I was teaching the first seminars in Lagos. (I think
possibly the only reason that I was allowed to discuss "The Scam" with them was
because some years before I had been an invited speaker at "The First
International Conference on Advanced Fee Fraud" which was sponsored by the
Nigerian government.)

> This is not a racial question but a motivational one mainly because I was
> "hacking" in the Craft since 1982, joined the USAF in 1984 and did 27 total
> years. Younger Black cyber practitioners are asking me about the foundation
> of the Craft and historically where did Black people started becoming cyber
> certified. That is a valid question since in this day and age people pursue
> certification like it is something new!!

You will forgive me if, after all these years of teaching it, I do not consider it
something new ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
Why do you look at the cosmetic error in your brother's code and
ignore the runtime error in your own code?
- https://twitter.com/gods_toddler/status/534701865976750080
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

............

Other posts: https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

This message may or may not be governed by the terms of
http://www.noticebored.com/html/cisspforumfaq.html#Friday or
https://blogs.securiteam.com/index.php/archives/1468
ericgeater
Community Champion

Greetings, Stephen!  It sounds like you have an interesting cybersecurity history.  Did you let your CISSP lapse?  What type of work are you doing now?

 

I hope you can find your answers on diversity in cybersecurity.  You're right; there are many more PoC in this line of work these days.  Do you volunteer with any infosec groups in your area?

--
"A claim is as good as its veracity."
StephenPullum
Viewer

Greeting Sir,

When I retired out of the service after 27 years (10 Active, 17 Reserve) I
left Cyber behind for a while. Having gone in in 1984 and separating in
2012, I had watched the cyber craft evolve into something more money based
versus the love of the Craft. Everything we did in the early days was for
the love of the Craft. As we kids got older and money and consulting
exploded, to me many started the certification chase as a means of
validation of who they were and their importance to the industry without
any historical perspective. The Craft got lost. Well not lost, the love of
the challenge became glamorized in movies and enigmata. I got my CISSP
initially not for a job, and any other cert, but because the beauty of the
questions were questions I lived through. The Rainbow Series, ACP's,
JANAP's, Autodin, MDS and so much more that we as Comm-Computer people were
asked by ISC2 in 1994 to join as we separated Active Duty. There is a
beauty to what we practice.

The reason I pose that question is because in the initial certification
quest, everyone cares about the certification and not the metrics of
diversity and race. The first ever Black organization to try to assemble
cohesively individuals was the Black Data Processing Association (BDPA).
Mainly composed of engineers from Texas Instruments in Dallas, Texas. But
there was the glass ceiling that had to be faced. This is not history to
me, this was my life as it was being developed. As I talk to the younger
now Cyber adventurist who are validating their potential and worth based on
testing of regurgitative material and the reliance of Vendor guarantees, I
have one thing to say, The Old Head have history behind them to detect
threat, we created the vectors and learned early on that in this Craft that
thinking outside the box is crazy. Who created the box and put you in it?

I could go on but my skill set is set for beyond what needs to be validated
by some initials. What I would like ISC2.org to do is to recognize the true
pioneers in this Craft. The ones of us who had to shatter glass ceilings so
that they could prosper. That gives credence to the younger cyber
practitioners because they then recognized that there was a history to
their endeavors. It was called the Craft.

Blessing and Be Safe!!

--
Stephen D. Pullum
Cell: 903.930.8814
Email: spullum@gmail.com
www.linkedin.com/in/stephendpullum
ericgeater
Community Champion

Interesting background, thank you.  I definitely cannot speak for (ISC)2, as I'm just a member, but maybe they have the answers you're asking for.  As a relatively newer member, I don't remember if I was asked about my race or ethnicity.

In any case, I'm subscribing to this thread.  Maybe you'll get some answers!

--
"A claim is as good as its veracity."
AlecTrevelyan
Community Champion

They do ask for your origin when you register for an exam these days:

 

image

 

Although, as you can see, you can opt for the "prefer not to answer" response.

 

AndreaMoore
Community Manager

Hello @StephenPullum,

 

I'm not sure that information is kept in our member records. Member ID number is not necessarily indicative of the date of a person's exam passing/membership date. As posted in this thread, PearsonVUE does ask for some identifying information when you register for an account with them but I'm unsure how long that gathering of information has been in practice. I'm checking with others on the (ISC)² team to see what I can find out. 




ISC2 Community Manager