Six Security Luminaries Receive CISSP Certifications

[Chris Wysopal <weld () vulnwatch org>]

FOR IMMEDIATE RELEASE

SIX INFORMATION SECURITY LUMINARIES RECEIVE CISSP CERTIFICATION

1 April 2005

The International Information Systems Security Certification Consortium,
Inc. (ISC)² is proud to announce that six prominent security researchers
have been awarded the coveted Certified Information Systems Security
Professional (CISSP)™ certification. The world-recognized CISSP
certification signifies that an individual has reached the pinnacle of their
professional development and demonstrated competence in the information
security field.

“Attaining the CISSP affords me new career opportunities and I’m proud to
have earned the recognition,” said Richard Forno, the former Chief Security
Officer of Network Solutions and current Washington, DC-based security
consultant. “Having the CISSP ― and many other letters after my name as well
― means quicker consideration in the hiring process because it’s clear that
hiring managers use certifications as the single most accurate indicator of
a person’s competence as a security expert and technology professional.”

Brian Martin, a Denver-based security consultant and commentator, agreed,
noting that the CISSP “will open new doors and offer exciting new glimpses
into the inner child of network security.” He believes that the CISSP
certification will bolster his “already-padded resume” and allow him to
obtain new contract jobs as a certified security professional more easily
while also commanding a higher hourly rate from his expanded base of
prospective clients.

Those certified as a CISSP must subscribe to the (ISC)² Code of Ethics, pass
a written examination, be employed somewhere, pay recurring membership dues
to (ISC)², maintain certification through continuing education, and
recertify every three years for a small additional charge. The (ISC)² Code
of Ethics for CISSPs ensures that only reputable professionals become
certified; a rigorous examination of an applicant’s background is conducted
to prevent a hacker or other questionable person from joining this elite
community of security experts.

Meeting this ethical standard was welcome news to “AJ” leader of the
black-hat hacker group ReznorBlades. “Just knowing that I’m now on the same
level as many of the industry’s least-clued and over-paid professionals
creates a feeling that I just can’t put to words. Now when a ‘professional’
sneers at my nose ring or dismisses me because of my haircut I can remind
him that he and I are equal brothers in the charge to secure the planet from
cyber-mischief.” ReznorBlades’ current project is building a distributed and
stealthy cross-platform implementation of a RFC3514 attack tool to be
released at DefCon later this year.

Jay Dyson of Treachery Unlimited agrees. “For me, the CISSP was the perfect
foil through which I could advance my career in computer and network
security and, quite possibly, world domination.  Now I only need to know
half the stuff I used to, do only half the work I used to, and yet make
twice the pay.”  Dyson, who is currently vacationing in Jamaica, went on to
describe how the CISSP certification has freed him from hardship at work.
“I used to knock myself out to justify new hardware, major network
architecture changes, and other stuff,” he said while sipping the local
coffee.  “Now I just announce that I am a CISSP and nobody argues ― no
matter how wild my demands might sound to the un-certified.  It’s like being
a James Bond villain, only without the monocle and Persian longhair cat.”

Similarly, Vmyths.com editor Rob Rosenberger lauded his elevation to
computer security’s ruling class. “As a member of the Investigative
Reporters and Editors Association, I was compelled to base my conclusions on
evidence and metrics. But as someone with ‘CISSP’ on his business cards now,
I can label anything a fact yet have no data to support it. As a result, I
look forward to speaking with a new and undisputed authority on computer
security topics and participating in vaguely worded white papers and
international computer security surveys to create new job opportunities both
for myself and other CISSPs.”

Independent consultant Joshua Fritsch of UnixGeeks.org believes the CISSP
certification is the ticket out of what he describes as “sysadmin hell.”
Fritsch, who spends most of his time complaining about his workload instead
of working on it, got his CISSP after sending five proofs-of-purchases from
a Cracker Jack box (plus shipping and handling) to (ISC)².

Messrs. Forno, Martin, Reznor, Dyson, Rosenberger, and Fritsch will be
welcomed formally into the CISSP brotherhood on Saturday at a black-tie
dinner in Washington, D.C, where both their CISSP certificates and keynote
speech will be presented by D.K. Matai, chairman of the UK-based security
research company mi2g. The list of prestigious (ISC)² members who have
confirmed their attendance at the Washington event can be found at:

http://vmyths.com/mm/whisper/2005/0401/cissp.txt

For more information, contact:

(ISC)² Institute
1965 Gallows Road, Suite 210
Vienna, Virginia 22182

PH:     +1.866.462.4777 or +1.703.891.6781
FX:     1.703.891.0782
EM:     institute () isc2 org


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
https://lists.immunitysec.com/mailman/listinfo/dailydave