IISFA Is Irrelevant

For the past several months, I've been receiving notices from "Marcus Lawson - ISFA" of the International Information Systems Forensics Association. IISFA is the organization that awards the Certified Information Forensics Investigator™ (CIFI) Certification. I initially thought this would be a good certification for the reasons outlined in that post and previous posts linked within it.

The emails from IISFA have said the following.

Subject: Your International Information Systems Forensics Association membership is past due for renewal.

Dear Richard,

I have good news and bad news:

Bad news: your membership has, or is about to expire to the Information Systems Forensics Association. This means you will no longer be a part of the "Global Voice of Information Forensics;" you will not longer receive "The Information Forensics Journal;" and you will no longer be able to participate in ISFA events; internationally or locally.

Good news: You can renew your membership and continue to be a part of the excitement of investigative and scientific discovery for another year.

We hope you will continue to enjoy the benefits of ISFA for another year.

Sincerely,

Michelle Bourque, CISSP International Director of Membership International Information Systems Forensics Association

Your International Information Systems Forensics Association membership expired on 01/20/2006. Please take advantage of our limited time grace period offer and renew by 2/19/2006 to continue receiving all the benefits we have to offer.

Member Name: Richard Bejtlich,
Current Membership Type: Member
Membership Start Date: 01/06/2005
Membership Expiration Date: 01/20/2006

I've tried sending this response to multiple email addresses. No one has responded.

I've received mutliple renewal notices regarding my IISFA membership. They say:

Bad news: your membership has, or is about to expire to the Information Systems Forensics Association [sic].

Isn't it IISFA, the International Information Systems Forensics Association?

The email then says:

you will not [sic] longer receive "The Information Forensics Journal;"

Has there been any new issue of IFJ since the July/August 2004 issue?

The email continues:

you will no longer be able to participate in ISFA [sic] events; internationally or locally.

Have there been any IISFA events? I was scheduled to speak at the 22 Sep 04 meeting in Georgia, but I haven't heard anything about IISFA meetings since that event was cancelled (due to tragedy).

The most recent news item at iisfa.org dates from April 2005.

Overall, I do not get the impression that IISFA is offering much of value to me. Why should I renew membership?

Why should I renew, indeed? Has anyone gotten anything of value from IISFA, period? I plan to let membership lapse and my CIFI standing disappear.

Comments

Anonymous said…
There's been some comm traffic on this very subject over at Forensic Focus (http://www.forensicfocus.com/index.php?name=Forums&file=viewtopic&t=617). A fellow named Matthew Smith is outlining changes he and others plan to make to IISFA; other comments point out that since IISFA apparently "grandfathered in" CIFIs when it first started the cert, improving its current standing will be difficult.
Speaking of organizations, I've had trouble contacting my local HTCIA chapter, and their website updates are spartan to say the least. Has anyone had better luck?

- Pete Hewitt
GCFA, GCIH, CISSP, CISA, CPA
(for what that's worth. :)
1:45 PM
js said…
Richard,

I, too, am a member of IISFA with similar sentiments. I joined the Washington, D.C. chapter with hopes of networking with other digital forensics professionals. That chapter never got off the ground. I'm not sure if other chapters are equally dormant. It appears that T3i put IISFA in the back seat after James Moore's very unfortunate passing. This is understandable, but there has been no member communication regarding this issue. Moreover, the future of IISFA is tenuous at best. I will let my membership expire unless something changes very soon.

I never considered earning the CIFI certification, which will lose even more value with the weakening of the IISFA.
11:08 AM
Anonymous said…
I attended an IISFA sponsored IT Forensics conference yesterday, 16/02/2007, next to Lake Como in Italy. The conference was well attended and there were distinguished speakers. I understand that an Italian chapter of IISFA is being formed, and that it will be possible to take the certification exam here. (I live in Italy.) Seeing that the comments, I've read on this blog, are not 100% positive about the association and the validity of the certification. Could someone please advise whether the association is up and running and who recognises the certification.
Thanks in advance

Roger D. Warwick, CPP ISO/IEC 27001 Lead Auditor.

roger@pyramid.it
2:19 PM
Sherman said…
Not sure if anyone is following this blog space or not, but I was thinking about my old pal James Moore and decided to google him to see if anyone is still speaking about the guy that I called an Infosec Evangelist. I was on his team at edeltacom. Those were some crazy times. I sure miss him.

Sherman Webers, CISSP
Enterprise Security Architect
Federal Bureau of Investigation
935 Pennsylvania Ave. NW | Washington, DC 20535
M - 202.255.9367 | O - 202.324.3960
U - Sherman.webers@ic.fbi.gov
4:13 PM
Post a Comment

Popular posts from this blog

Zeek in Action Videos

Image
This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project .  Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like Suricata, Wireshark, and so on.  I am especially pleased with Video 6 on monitoring wireless networks . It took me several weeks to research material for this video. I had to buy new hardware and experiment with a Linux distro that I had not used before -- Parrot .  Please like and subscribe, and let me know if there is a topic you think might make a good video.
Read more

MITRE ATT&CK Tactics Are Not Tactics

Image
Just what are "tactics"? Introduction MITRE ATT&CK  is a great resource, but something about it has bothered me since I first heard about it several years ago. It's a minor point, but I wanted to document it in case it confuses anyone else. The MITRE ATT&CK Design and Philosophy document from March 2020 says the following: At a high-level, ATT&CK is a behavioral model that consists of the following core components: • Tactics, denoting short-term, tactical adversary goals during an attack; • Techniques, describing the means by which adversaries achieve tactical goals; • Sub-techniques, describing more specific means by which adversaries achieve tactical goals at a lower level than techniques; and • Documented adversary usage of techniques, their procedures, and other metadata. My concern is with MITRE's definition of "tactics" as "short-term, tactical adversary goals during an attack," which is oddly recursive. The key word in the tacti
Read more

New Book! The Best of TaoSecurity Blog, Volume 4

Image
  I've completed the TaoSecurity Blog book series . The new book is  The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship .  It's available now for Kindle , and I'm working on the print edition.  I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I described the new title thus: Go beyond TaoSecurity Blog with this new volume from author Richard Bejtlich. In the first three volumes of the series, Mr. Bejtlich selected and republished the very best entries from 18 years of writing and over 18 million blog views, along with commentaries and additional material.  In this title, Mr. Bejtlich collects material that has not been published elsewhere, including articles that are no longer available or are stored in assorted digital or physical archives. Volume 4 offers early white papers that Mr. Bejtlich wrote as a network defender, either for technical or pol
Read more