Re: Federally Mandated Certification of cybersecurity professionals?

[John Bambenek <bambenek.infosec () gmail com>]

Because the US federal government is oh so good at weeding out 
unscrupulous people?

Louis Brooks wrote:
> A nationally recognized certification program could lead to a more 
> professional view of our field. Right now anyone with a laptop, nmap 
> and Nessus can call themselves a cybersecurity professional. A minimum 
> standard would at least lend some creditability to the title. It would 
> also allow for a way of regulating the industry to weed out people who 
> are less scrupulous. It is something that should be watched closely by 
> the industry and hopefully they will bring in all the stake holders 
> for comment. The last thing we want is for politicians with no 
> knowledge of the technology or industry making knee jerk legislation 
> without our input.
>
> Louis Brooks
> Network Security Analyst
> Florida State University
>
> Shenk, Jerry A wrote:
> > This whole thing reminds me of when I was a kid.  I lived (and still 
> > do) in Lancaster, PA where the Amish are.  My dad had a business 
> > giving buggy rides to tourists.  There was a push for awhile to have 
> > buggy drivers (aimed at the Amish, not us) licensed.  We joked about 
> > that...how would the local cops know who passed?
> > I wonder about this with all the big plans to have the government 
> > control cybersecurity (ah, such a cool word).  And, they're doing the 
> > same thing with forensic certification.  They've certainly done a 
> > great job with monetary policy;)....every time anybody touches 
> > anything, it gets worse.  I'm just not sure I trust the "smartest 
> > people in the room";)
> >
> >
> > -----Original Message-----
> > From: listbounce () securityfocus com 
> > [mailto:listbounce () securityfocus com] On Behalf Of Dave Kleiman
> > Sent: Wednesday, April 01, 2009 10:18 PM
> > To: pen-test () securityfocus com
> > Subject: Federally Mandated Certification of cybersecurity 
> > professionals?
> >
> > The Rockefeller-Snowe measure would create the Office of the National 
> > Cybersecurity Adviser, whose leader would report directly to the 
> > president and would coordinate defense efforts across government 
> > agencies. It would require the National Institute of Standards and 
> > Technology to establish "measurable and auditable cybersecurity 
> > standards" that would apply to private companies as well as the 
> > government. It also would require licensing and certification of 
> > cybersecurity professionals.
> >
> > http://www.washingtonpost.com/wp-dyn/content/article/2009/03/31/AR2009033103684_pf.html 
> >
> >
> >
> >
> > Respectfully,
> >
> > Dave Kleiman - http://www.ComputerForensicExaminer.com
> > 4371 Northlake Blvd #314
> > Palm Beach Gardens, FL 33410
> > 561.310.8801
> >
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> > This list is sponsored by: InfoSec Institute
> >
> > No time or budget for traveling to a training course in this fiscal 
> > year? Check out the online penetration testing courses available at 
> > InfoSec Institute. More than a boring "talking head", train in our 
> > virtual labs for a total hands-on training experience. Get the certs 
> > you need as well: CEH, CPT, CEPT, ECSA, LPT.
> >
> > http://www.infosecinstitute.com/request_online_training.html
> > ------------------------------------------------------------------------
> >
> >
> > **DISCLAIMER
> > This e-mail message and any files transmitted with it are intended 
> > for the use of the individual or entity to which they are addressed 
> > and may contain information that is privileged, proprietary and 
> > confidential. If you are not the intended recipient, you may not use, 
> > copy or disclose to anyone the message or any information contained 
> > in the message. If you have received this communication in error, 
> > please notify the sender and delete this e-mail message. The contents 
> > do not represent the opinion of D&E except to the extent that it 
> > relates to their official business.
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: InfoSec Institute
>
> No time or budget for traveling to a training course in this fiscal 
> year? Check out the online penetration testing courses available at 
> InfoSec Institute. More than a boring "talking head", train in our 
> virtual labs for a total hands-on training experience. Get the certs 
> you need as well: CEH, CPT, CEPT, ECSA, LPT.
> http://www.infosecinstitute.com/request_online_training.html
> ------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: InfoSec Institute

No time or budget for traveling to a training course in this fiscal year? Check out the online penetration testing courses available at InfoSec Institute. More than a boring "talking head", train in our virtual labs for a total hands-on training experience. Get the certs you need as well: CEH, CPT, CEPT, ECSA, LPT. 

http://www.infosecinstitute.com/request_online_training.html
------------------------------------------------------------------------