About the (ISC)² Blog
As the certifying body for more than 123,000 information security professionals worldwide, (ISC)² believes in the importance of open dialogue and collaboration. (ISC)² established this blog to provide a voice to certified members, who have significant knowledge and valuable insights that can benefit other information security professionals and the public at large.
The (ISC)² blog gives members a forum to exchange ideas and inspires a safe and secure cyber world by supporting the advancement of the information security workforce via a public exchange with a broad range of information security topics.
(ISC)² believes in the importance of open dialogue and collaboration. This open communication also requires prudence from designated (ISC)² bloggers. Although all (ISC)² blog posts will be reviewed and monitored, common sense and intelligence should prevail.
All (ISC)² bloggers are asked to adhere to the following guidelines. (ISC)² reserves the right to remove any post that violates these guidelines.
The point of the (ISC)² blog is to bring worthwhile information and insights to our members, the industry and society-at-large. The (ISC)² blog should be used in a way that adds value to (ISC)²’s business. It should help our members, clients, vendors, the business community or society in general to solve problems. If it helps to improve someone’s knowledge or skills; if it helps contribute directly or indirectly to the improvement of (ISC)²’s products, processes and policies; or if it helps to promote (ISC)²’s values, then it is adding value. Though not directly business-related, background information you choose to share about yourself, such as information about your personal interests, may be useful in helping establish a relationship between you and your readers, but it is entirely your choice whether to share this information.
You are legally responsible for your posts.
When you choose to publish your opinions via the (ISC)² blog, you are legally responsible for your commentary. When you blog, it is your personal opinion. (ISC)² is merely providing a platform for those opinions; therefore, you are legally responsible for your posts and should exercise caution and forethought accordingly. Individual bloggers can be held personally liable for any commentary deemed to be, obscene, proprietary, or libelous (whether pertaining to (ISC)², individuals, or any other company), or infringes the intellectual property rights of another. This standard disclaimer does not by itself exempt (ISC)² managers and executives from a special responsibility when blogging. By virtue of their position, they must consider whether personal thoughts they publish may be misunderstood as an expression of (ISC)²’s policy. For these reasons, bloggers should exercise caution with regards to exaggeration, colorful language, guesswork, obscenity, copyrighted materials, legal conclusions, and derogatory remarks or characterizations.
Know (ISC)²’s Code of Ethics.
One of our Code of Ethics canons is to “Act honorably, honestly, justly, responsibly, and legally.” (ISC)² members should exercise fair and ethical business practices and know and follow (ISC)²’s Code of Ethics at all times. As an organization, we trust – and expect – our members to exercise personal responsibility. This includes not violating the trust of those with whom they are engaging. Members should not use this medium for covert marketing or public relations. If and when members of (ISC)²’s Communications, Marketing, Sales or other functions engaged in advocacy for the company have the authorization to participate in blogs, they will identify themselves.
Post original content.
The value of the (ISC)² blog lies in the original insights and opinions provided by (ISC)² members – the pre-eminent information security experts in the world. Don’t be afraid to share yours. Authors should not post “referral content” and “links” unless the links and referred content are a minor element of a larger, original, thoughtful story related to the security topic at hand. Authors should never post an article that is mostly a “cut-and-paste” from other sources. A gauge might be if you can “Google” the information and get the very same information you’re posting, it’s not appropriate for this blog. Blog “spam,” which includes articles that are only links to other unoriginal content, short posts that are simply pointers to information, websites, or papers elsewhere on the Internet, will be taken down.
Write in the first person.
What makes blogs interesting is the informal nature of the medium. Use your own voice; bring your own personality to the forefront; say what is on your mind. Write in the first person and make it clear that you are speaking for yourself and not necessarily on behalf of (ISC)² or any other organization. Always consider the content carefully and be judicious in disclosing personal details. If you have a vested interest in something you are discussing, be the first to point it out. Avoid misrepresentation. If, at any time you are unclear as to the propriety of a post, it is best to refrain and seek the advice of (ISC)² management.
Respect copyright and fair use laws.
For (ISC)²’s protection as well as your own, respect copyright, fair use and financial disclosure laws. It is critical that you show proper respect for the laws governing copyright and fair use of copyrighted material owned by others, including (ISC)²’s own copyrights and brands. You should never quote more than short excerpts of someone else’s work, and you should clearly attribute the excerpt to its author. And, it is good general blogging practice to link to others’ work.
Protect confidential and proprietary information.
You must make sure you do not disclose or use confidential or proprietary information or that of any other person or company on any blog. Don’t provide any confidential or other proprietary information. Any conversations that are meant to be private or internal to (ISC)² must be approved by (ISC)² management, prior to publishing or reporting. For example, ask permission to publish someone’s picture or a conversation that was meant to be private. You must not comment on confidential (ISC)² financial information such as projections for future business performance, business plans, or prospects anywhere in the world. All posts are subject to removal at (ISC)2’s discretion.
Protect (ISC)²’s members, business affiliates, and suppliers.
Members, affiliates, vendors or suppliers should not be cited or referenced without their approval. On your blog, never identify a client, partner or supplier by name without permission and never discuss confidential details of a client engagement. It is acceptable to discuss general details about kinds of projects if the information provided does not violate any non-disclosure agreements that may be in place with the client or make it easy for someone to identify the client or partner.
Respect your audience.
Remember that (ISC)² is a global organization. Our employees and members reflect a diverse set of customs, values and points of view. Don’t be afraid to be yourself, but do so respectfully. Don't use ethnic slurs, personal insults, obscenity, etc., and show proper consideration for others’ privacy and for topics that may be considered objectionable or inflammatory, such as politics or religion. And, now that you are blogging on the (ISC)² site, never use an external blog to air your differences in an inappropriate manner.
Know your fellow bloggers.
The most successful bloggers are those who pay attention to what others are saying about the topic they want to write about, and generously reference and link to them. Who’s blogging on the topics that most interest you? Drop your fellow bloggers a note to introduce yourself and your blog.
Don’t pick fights.
When you see misrepresentations made about (ISC)² in the media, by analysts or by other bloggers, you may certainly use your blog post to point that out. Always do so with respect and with the facts. Also, if you speak about a competitor, you must make sure that what you say is factual and that it does not disparage the competitor. You should avoid arguments. Brawls may earn traffic, but nobody wins in the end. Don’t try to settle scores or provoke competitors or others into inflammatory debates. Here and in other areas of public discussion, make sure that what you are saying is factually correct. If you make an error, be up front about your mistake and correct it quickly. If you choose to modify an earlier post, make it clear that you have done so. Ultimately the blogger is solely responsible for what is posted.
Blogs are viral.
If you’re worried about what someone may think about your post, listen to that instinct. And realize that once a questionable post is on the Internet, you can never get it back. The blog world is incredibly efficient at spreading rumors, secrets, rants, hyperbole, and your misstatements, around the globe in minutes. The media may take notice as well.