Earlier this year, several (ISC)² members reached out to us regarding the candidate background qualifications that we ask all individuals as part of their endorsement process after passing an (ISC)² exam. The question on our eligibility review asked candidates: “Have you ever been involved, or publicly identified, with criminal hackers or hacking?”
We heard you loud and clear. Being involved in “hacking” – especially in regard to learning how systems work, researching vulnerabilities or general curiosity and learning – doesn’t make you ineligible for (ISC)² certification. The use of the term “hacker” has changed significantly over the years, and we agreed it was time to make sure our policies were updated to more accurately reflect the way our team reviews all candidates applying for (ISC)² membership.
Additionally, you will see that we no longer ask you about previous names or any known alias. Not only did members rightfully and thoughtfully point out that this may be insensitive to women (naming changes for marriage status), as well as the LGBTQ+ community.
Once these concerns were voiced to us, we reviewed our internal endorsement process on how best to change the wording to more accurately reflect what we were trying to understand about candidates for (ISC)² membership. Then, the proposed changes to the language was submitted to our Ethics Committee – all (ISC)² members – for formal review. New language has been drafted, reviewed, approved and implemented.
As a reminder, saying “yes” to any of the background qualification questions does not automatically exclude you from (ISC)² membership. All applicants who answer “yes” are given a formal review with additional investigation if necessary. We want to ensure that (ISC)² certification is accessible and inclusive, and that our endorsement of members is accurate and fair.
Thank you to everyone who brought this to our attention. We heard you. Moreover, we hope this process demonstrates that mechanism and channels exist for members to help promote positive change for the association.
The post We Heard You: Updates to the (ISC)² Ethics Questions appeared first on Cybersecurity Insiders.
November 08, 2021 at 09:10PM
0 comments:
Post a Comment