[unisog] REN-ISAC membership

Doug Pearson dodpears at indiana.edu
Thu Jul 3 16:12:12 GMT 2008


We're on track to implement changes to the membership model this summer, 
but before I go into that, just to set the record straight, "exchanged 
business cards [...] outside a poster session" doesn't meet our 
expectation of the necessary knowledge and relationship that can lead to 
a vouch of personal trust - as required for membership.

About the upcoming changes, I don't want to go into all the details just 
yet, we'll be talking it up officially very soon, but the essence is 
that there will be a tiered membership. At the first tier, a CIO or 
equivalent can point at a person who meets the job profile and say 
"that's my REN-ISAC 'General' member". The second tier ('XSec') requires 
expression of personal trust from existing members, similar to today. 
Information sharing will be conducted appropriate to the level of trust 
in each tier.

Hope that helps. Expect to see much more on this very soon.


Doug Pearson
Technical Director, REN-ISAC
24x7 Watch Desk +1(317)278-6630

Steve Smith wrote:
> Howdy, all
> I haven't seen any mention on the list since February. I was wondering 
> if there have been any updates on the membership ritual for REN-ISAC?
> I'd like to suggest that years of service as the person in charge of 
> security at an institution could better qualify one as "tightly-vetted" 
> than having exchanged business cards with two people outside of a poster 
> session, but there is obviously room for argument.
> --
> Steve Smith
> Information Security Administrator
> Glendale Community College, Maricopa Community College District
> Glendale, AZ. http://www.gccaz.edu
> _______________________________________________
> unisog mailing list
> unisog at lists.dshield.org
> https://lists.sans.org/mailman/listinfo/unisog

More information about the unisog mailing list