Consider this my official endorsement of Wim Remes’ petition to have his name included on the (ISC)2 election ballot. I’ve known Wim for a few years now and would love to have his voice on the board of directors. In January 2010 I interviewed Wim for the Security D-List so please give that a read as well as his official petition (which I have included below):
On August 19th I received the yearly e-mail from (ISC)2 where they informed me of their yearly board elections that will take place as from November 16th. While I respect everyone currently slated for the ballot, I always cringe a little when I look back of yet another year where the divide between what I consider the infosec community of which I am a vocal participant and the institution ISC2 has become. I could spend another year on the sideline watching the gap grow bigger OR I can try and BE the change that A LOT of my online and real life friends are waiting for.
This is my official petition page to have my name added to the election ballot on November 16th.
you can support me by sending an e-mail from your e-mail address registered with ISC2 mentioning your NAME, EMAIL ADDRESS and CERTIFICATION NUMBER to firstname.lastname@example.org .
If I’m to become a member of the (ISC)2 Board of Directors I will strive to do the following in the three years that I will be given the opportunity to be the change you are all looking for:
* A closer collaboration with the information security community at large. This means recognition of what is currently considered to be an outlawish community but what I consider as a treasure trove of knowledge and capability that remains untapped. Either because we are afraid of what we don’t understand or because hackers are still suffering from a bad image. Not in my book!
* A review of the certification requirements for the flagship (ISC)2 certification, the CISSP, in order to bring it back to the level it once was on. Ideally with the incorporation of more in-depth requirements on a technical level, requirements in soft skills and, possibly, the addition of a written paper requirement that would show the knowledge the candidate has acquired during the learning process. This last requirement would feedback into the community becoming a valuable resource for security professionals globally.
* I am from Europe. I still feel that many of the subject covered by (ISC)2 and other organizations are focused on the US. My goal is to widen the efforts to a global approach that brings communities from different continents together instead of seperating them further. While there is a different in laws, culture, etc. across continents, I firmly belief that we have more in common and there needs to be a better collaboration
in order to address the security challenges we have coming at us.
* With my work on PTES (http://www.pentest-standard.org), Infosec Mentors (http://www.infosecmentors.com) Brucon (http://www.brucon.org), Eurotrash Security Podcast (http://www.eurotrashsecurity.eu) and other global initiatives I want to encourage the members of (ISC)2 tobecome a part of the community that I consider so valuable.
This is not about me but apparently I need some kind of bio. I am Wim Remes (CISSP ;-)), working in IT for 14 years now and passionate about security for over 10 of those. I have not graduated from any posh university but who cares right? I’m currently working for a Big4 company in Belgium as a Security Consultant. I will add extra information to my bid page as soon as possible.
In the mean time, please take the time to send me that e-mail and spread the link to this page as wide and as deep as possible. I need 500 signatures to my petition before September 19th. If you want passion on the (ISC)2 Board of Directors, you know what to do!
If you couldn’t guess by the title of this blog post, I have indeed passed by CISSP certification exam (phew). I always reserve my judgement on the usefulness of particular certifications until I actually sit down and attempt them (unlike some people in the industry — you know who you are). Was it worth it? I believe it was. Due to the scope of the exam I forced myself to learn aspects of security that I had neither the reason, nor the desire, to understand. I feel that I have grown as a security professional because of my studies and hope that I can help others with the things that I have learned.
I’d like to give a shout out those people (you know who you are) who either helped me or reassured me that I would succeed. Thanks everyone!
I thought I’d drop a quick post to let you know what’s been keeping me occupied (and away from blogging) for the last few weeks:
As many of you know, out of spite, I’ll be taking my CISSP exam on June 28th in Ottawa, Ontario, Canada. This is taking quite a bit of my time so I am very “head-down” trying to jam as much information into my head as possible. Wish me luck!
I’ve also signed on to write the Nokia Firewall, VPN, and IPSO Configuration Guide (Syngress, ISBN 9781597492867). Note to self, don’t agree to author a book when planning for a large exam.
I’ve been trying to get a bunch of CFPs drafted for various fall conferences. Takes a lot of time to produce quality papers that have a chance of being accepted.
My SANS GIAC GCIH Gold paper is due August 22nd, 2008 so I’ve been working on getting all the information I need together to draft a killer paper.
Busy, busy, busy 🙂