![isn logo](/images/isn-logo.png)
Information Security News mailing list archives
Security certification rules could shake up IT management
From: InfoSec News <alerts () infosecnews org>
Date: Thu, 26 Jun 2008 03:34:25 -0500 (CDT)
http://www.gcn.com/online/vol1_no1/46543-1.html By William Jackson GCN.com 06/25/08 Requirements for professional security certification for information technology workers in civilian agencies, now being readied by the Office of Management and Budget, would have a major impact on how government and industry recruit, train and manage their IT staffs, a security expert said Wednesday. "They are going to affect every one of us in the field," contractors and government employees, said George Datesman, a senior manager at Noblis Inc., a nonprofit high-tech consultant. Datesman - who holds a master.s degree in criminology and has 30 years experience in law enforcement including a stint with the Justice Department - said at a Digital Government Institute conference on cybersecurity that OMB is finalizing minimum requirements for professional certification. He had no time frame for their release. As IT security has become professionalized, a number of certifications have achieved general recognition industrywide, including a suite from the International Information Systems Security Certification Consortium (ISC2). ISC2 maintains and administers examinations for: * CISSP: Certified Information Systems Security Professional. * ISSEP: Information Systems Security Engineering Professional. * ISSAP: Information Systems Security Architecture Professional. * SSCP: Systems Security Certified Practitioner. Organizations awarding certifications would have to be accredited to meet a federal mandate. Datesman likened situation to the law-enforcement field, which still is sorting out how to fully implement requirements for increased professional training and education 30 years after the movement began. Not only would there be new hiring requirements, there also could be increased responsibility and legal liability for workers and their employers. "This is a change we have not faced in the IT security industry before," he added. [...] _______________________________________________ Attend Black Hat USA, August 2-7 in Las Vegas, the world's premier technical event for ICT security experts. Featuring 40 hands-on training courses and 80 Briefings presentations with lots of new content and new tools. Network with 4,000 delegates from 50 nations. Visit product displays by 30 top sponsors in a relaxed setting. http://www.blackhat.com
Current thread:
- Security certification rules could shake up IT management InfoSec News (Jun 26)