Candidate Info

Stephen Mencik

Steve has been in the Information Security field for 42 years. He started as a charter member of the DoD Computer Security Center in 1981. Here is his resume. Steve has been actively trying to get more transparency from the ISC2 Board as to their activities, polices, etc. He worked with a number of others to put together a set of By-Laws proposals, and spearheaded the effort to collect the needed signatures to force a vote. Unfortunately, the Board did not allow individual votes on the proposals as called for by the petition. Rather they lumped them all together and also offered their own grouping in order to ensure neither would get the needed 2/3 vote.

If elected to the Board, Steve will continue to work for more transparency. Specifically:

Publish Board meeting minutes
Publish Policy statements
Participate on the ISC2 Community discussion board to solicit feedback from members

Diana-Lynn Contesti

As a candidate for the Board Ballot, I would like:

Promote transparency between the board and the membership (i.e.; Participate in the (ISC)2 Community, provide my email address to the membership)
Improve general communications between the organization and its members
Preserve the value of members' certifications
Stand committees that consist of members (Ethics, Nominations, etc.) and not all Board members
Provide members a choice in the elections of their representatives.

Sami O. Koskinen

I've had my CISSP since 2004, and ISSMP since 2007. As it was hard to figure out someone's actual knowledge about information security from university degrees, me and my colleagues in the universities and government started to lobby for certifications. We genuinely saw value there, in buying services and hiring talents with a better guarantee of getting what you paid for.

This is what I'd like to reinstate: not just certificates for the left and the right hand, but certifications that require maintenance and can be taken into advanced level, with the support of the (ISC)2 -- just like it was with CISSP and ISSAP, ISSEP and ISSMP. Also, as we should not be a shop selling certificates and certifications, we should stop thinking of other similar organizations as our competitors. Such thinking has killed fruitful collaboration, which should be of no-one's interest, and certainly not honoring the idea on which the (ISC)2 was founded.

But, let's first return the (ISC)2 to the hands of the membership, and honor the membership's right to choose and make up their own minds, as that's where our real problems, at this time, are. Then, it's more fruitful to discuss what the (ISC)2 should be like and what it should do.