Firewall Wizards mailing list archives

re: ICSA

From: Richard Reiner <rreiner () fscinternet com>
Date: Thu, 14 Jan 1999 11:18:07 -0500

[The following was originally sent to Bugtraq, but Aleph (even though he
agreed with the content) felt that another venue might be more appropriate]

Tan's mention of ICSA (in his excellent Cyber-UL piece on Bugtraq), and the
recent posting on firewalls about the "ICSA Firewall Buyers' Guide",
reminds me of a serious and ongoing peeve which I (and some others around
here) have about ICSA:

In brief: Any organization which denominates itself an "Association", but
which is in reality a private, for-profit company, seems to me to lose all
credibility.  (Were this not a public forum, I would use far stronger terms
to say what I think of this practice.)

Moreover, for such a commercial, for-profit entity to further the common
misapprehension that it is a non-profit in the public interest by the
adoption of a slogan such as "The Objective Authority in Computer Network
Security" (currently plastered across ICSA's home page) strikes me (in my
personal, no doubt biased, misguided, foolish, etc. opinion) as OFFENSIVE
IN THE EXTREME.

On ICSA's web site I read numerous statements such as "Information Security
Magazine is the official publication of ICSA" (clearly reinforcing, to my
mind at least, the false perception that this is an industry association
with an official publication).  Is this an intentional attempt to mislead
the public? I shall leave that to the reader.

As some may know, ICSA's previous name was NCSA -- yet this was *not* the
NCSA of Mosaic and related fame, the National Center for Supercomputer
Applications.  *This* NCSA had nothing whatsoever to do with the *real*
NCSA.

While ICSA's literature does (quietly, in small type, and in buried
paragraphs) admit that  ICSA is a) privately held, and b) a for-profit
corporation, and therefore c) not *really* an association of any kind,
nevertheless the overwhelming (could it be intentional?) impression created
is of a non-profit in the public interest.

Finally, assessment of the credibility of ICSA's "certification" process
(in respect of the quality of its deliverables, and its costs) is left as
an exercise for the reader.

Doesn't anybody share my outrage over these shenanigans?


DISCLAIMER: the above constitutes my personal, idiosyncratic, foolish,
biased, stupid (add more adjectives as necessary to satisfy the lawyers)
opinion ONLY.  It does not represent the views of FSC Internet Corp. or of
SecureXpert Labs, nor of the officers or management of those organizations,
nor of any individual save myself.
-- 
. Richard Reiner, Ph.D., CEO
. FSC Internet Corp. / SecureXpert Labs
. The FSC Building, 188 Davenport Rd., Toronto, Ontario, Canada  M5R 1J2
. +1 416 921 4280, fax +1 416 966 2451, www.fscinternet.com

Current thread:

re: ICSA Richard Reiner (Jan 15)
- Re: ICSA Bennett Todd (Jan 18)
  - Re: ICSA Richard Reiner (Jan 18)
- re: ICSA Frederick M Avolio (Jan 18)
- re: ICSA iwchick (Jan 18)
- Re: ICSA Matt Curtin (Jan 18)
- re: ICSA David LeBlanc (Jan 18)
  - Re: ICSA Crispin Cowan (Jan 19)
    - Re: ICSA David LeBlanc (Jan 19)