Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Careers & People

3/17/2020
08:40 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

(ISC) Announces CEO Succession Plan

David Shearer will step down at the end of 2020.

Clearwater, FL, March 16, 2020 – (ISC)² – the world’s largest nonprofit membership association of certified cybersecurity professionals – today announced that David Shearer, CISSP, the association’s current CEO, will step down at the end of 2020 after serving in the role since 2015. The (ISC)² Board of Directors has initiated a CEO recruitment search to identify an experienced leader to succeed Shearer and guide the organization on a path of continued growth as demand for certified cybersecurity professionals continues to grow exponentially worldwide. 

“After leading us through a period of sustained growth and incredible change, David has notified the board of his intention to step down at the end of this year after six years as our CEO and two years prior as our COO,” said Dr. Kevin Charest, CISSP, (ISC)² Board of Directors Chairperson. “In parallel with the goals and objectives we have for David’s last year with us, we must begin our recruiting efforts for his successor to ensure a smooth transition, and we’re thankful that David will be a part of that search process.” 

The search will be led by the Board of Directors, who have engaged organizational consulting firm Korn Ferry to assist in the recruitment effort. 

“My tenure as CEO of (ISC)² has been abundantly fulfilling and one of the greatest honors of my professional life. Over the course of my career I’ve been fortunate enough to have opportunities to lead great teams through times of change and growth. I relished the task of strengthening our value promise to members, delivering new certifications and professional development opportunities for cybersecurity professionals, modernizing (ISC)²’s infrastructure, and developing new ways to help our members and the organizations they protect better defend critical assets around the world,” remarked Shearer. “I deeply believe in the association’s mission to inspire a safe and secure cyber world, and I’m looking forward to helping the board select the right successor to keep us moving along the same trajectory.”

Under Shearer’s direction, the association grew to 153,000 certified members and associates in 175 countries. His leadership also led to an association-wide digital transformation that replaced legacy systems and improved efficiencies, the introduction of the Certified Cloud Security Professional (CCSP®) certification, and the growth of the annual (ISC)² Security Congress conference to more than 2,500 attendees and 200 expert speakers. In 2019, Shearer oversaw the creation of the Professional Development Institute (PDI), a portfolio of cybersecurity education courses that are included for free as a benefit of membership. To date, more than 30 courses have been launched as part of PDI, at a value of more than $10,000, and learners have completed nearly 14,000 courses in total.

To learn more about this executive search, please contact [email protected].   

About (ISC)²

(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 150,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.

© 2020, (ISC)² Inc., (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CCFP, CISSP-ISSAP, CISSP-ISSEP, CISSP-ISSMP and CBK are registered marks, of (ISC)², Inc.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-5292
PUBLISHED: 2020-03-31
Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users' and admini...
CVE-2020-7009
PUBLISHED: 2020-03-31
Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
CVE-2019-13495
PUBLISHED: 2020-03-31
In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross-site scripting (XSS) issues allows remote authenticated users to inject arbitrary web script via an rpSys.html Name or Location field.
CVE-2020-5291
PUBLISHED: 2020-03-31
Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports unprivileged user namespaces, then the `bwrap --userns2` option can be used to make the setuid process keep running as root while being traceable. This can in turn be used to gain root permissions. Note that...
CVE-2019-14905
PUBLISHED: 2020-03-31
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS co...