The CISSP Kobayashi Maru
So, today I finally became an “official” CISSP much to my surprise. You see, I took the test a year ago and had thought I was a CISSP, but, I guess I was in name only until today. Oddly enough, I had to pass the final “Kobayashi Maru” of CISSP-ness that this entry will tell.
It seems that when I passed the test back a while ago, I was randomly selected to be “audited”, perhaps like a Scientologist might? Who knows, in any event, I found out recently that I had to provide my resume and other data so they could look it up and say “ok you’re a CISSP”
I diligently provided ISC with the data and made sure my endorser had all his documents in and I thought it was all over. Little did I know I would get an email/call that would stun me.
ISC: “Sir, we need your SSN to get your employment history with IBM”
Me: “Uhh what? You want my SSN? No, I am afraid not. If IBM needs this then they should contact me directly, here’s my number. If my employee ID would suffice, here it is”
Say what? ISC wants me to provide my SSN to them to give to IBM (maybe) to get my records that should not require an SSN? It gets worse though, it was not even IBM, but a third party company that holds the records now that IBM outsourced!! So yeah, they wanted my SSN to be passed through two parties to prove I worked at IBM.. So much for phone call to HR huh?
Insult to injury, this is ISC, the group CERTIFYING security professionals asking for my SSN like this!
This only leads me to further believe that ISC/CISSP is just a ponzi scheme.