Divesting from Certification Training – A Strategic Imperative for Non-Profit Cybersecurity Associations
Rick Lemieux – Co-Founder and Chief Product Officer of the DVMS Institute
While vital to the industry, cybersecurity membership non-profit organizations are at a strategic crossroads. While lucrative, the traditional model of offering certification training programs presents inherent conflicts of interest and diverts resources from core missions. A compelling argument emerges for divesting from these programs, allowing organizations to focus on their primary roles as industry advocates, standards setters, and knowledge disseminators. CompTIA’s recent divestiture of its certification training portfolio reflects its focus on being an industry advocate, standards setter, and knowledge disseminator to its membership. The Information Systems Security Association (ISSA) is another example of a pure-play cybersecurity membership association.
Firstly, the dual role of certification provider and industry advocate compromises neutrality. When organizations profit from certification sales, the incentive to maintain rigorous standards and impartial assessments can be diluted. This potential conflict undermines the credibility of certifications and erodes public trust. By divesting, organizations can reclaim their position as unbiased judges, ensuring that certifications reflect industry best practices.
Secondly, certification training diverts significant resources from core mission activities. The operational overhead of developing, administering, and promoting certification programs is substantial. This drains valuable funds and personnel that could be better allocated to research, advocacy, and community development. Organizations can amplify their impact on the cybersecurity landscape by streamlining operations and focusing on core competencies.
Moreover, the proliferation of non-profit certification providers has saturated the market, leading to confusion and diminishing the value of individual certifications. This oversaturation can create a “certification arms race,” where organizations prioritize obtaining multiple certifications over developing deep expertise. By divesting, organizations can encourage a shift towards holistic skill development and focus on the practical application of knowledge.
Divesting from certification training programs is a strategic imperative for non-profit cybersecurity membership organizations. By relinquishing this role, organizations can enhance their credibility, optimize resource allocation, and foster a more robust and ethical cybersecurity ecosystem. The future lies in empowering organizations to focus on their core missions, driving innovation, and advocating for a safer digital world.
About the Author
Rick Lemieux
Co-Founder and Chief Product Officer of the DVMS Institute
DVMS Institute is a renowned provider of accredited (APMG International), Assured (NCSC-GCHQ-UK), and Recognized (DHS-CISA-NICCS) NIST Cybersecurity Framework, certification training programs designed to teach organizations of any size, scale, or complexity how to manage their organizational cyber risk and resiliency.
For cyber risk management, the DVMS FastTrack model provides a phased approach to adapting the NIST Cybersecurity Framework functions and its controls across an enterprise and its supply chain to identify and mitigate organizational cyber risks.
For cyber resilience management, the DVMS CPD overlay model provides a holistic approach to connecting digital ecosystem outcomes to organizational culture. This unique approach puts leadership and culture at the center of delivering continuous digital business quality, reliability, and trust.
Rick has 40+ years of passion and experience creating solutions to give organizations a competitive edge in their service markets. In 2015, Rick was identified as one of the top five IT Entrepreneurs in the State of Rhode Island by the TECH 10 awards for developing innovative training and mentoring solutions for boards, senior executives, and operational stakeholders.
® DVMS Institute 2024 All Rights Reserved