Re: Federally Mandated Certification of cybersecurity professionals?

[Thomas Lim <thomas () coseinc com>]

dear all

in singapore, the government has already created an Association of
Information Security Professionals (AISP) and stated that one of its
ultimate aim is to create an IT security standard and certification and
would require all who wants to practice IT security in singapore to
attain that certification. however the government controls the funding
to this association and appointed the first executive committee (exco)
that abides by the government agenda. only a couple of the member of the
were genuine security professionals.

there seems to be a trend across all the world to "regulate" and
"standardize" IT security and ironically, the people who are setting all
these regulations and standards hardly knows anything about IT security.


thank you
thomas lim
COSEINC



Michael Painter wrote:
> Staff Working Draft here:
> http://lauren.vortex.com/Cyber-S-2009.pdf
>
>
>
> ----- Original Message ----- From: "Dave Kleiman" <dave () davekleiman com>
> To: <pen-test () securityfocus com>
> Sent: Wednesday, April 01, 2009 4:17 PM
> Subject: Federally Mandated Certification of cybersecurity professionals?
>
>
> The Rockefeller-Snowe measure would create the Office of the National
> Cybersecurity Adviser, whose leader would report directly to the
> president and would coordinate defense efforts across government
> agencies. It would require the National Institute of Standards and
> Technology to establish "measurable and auditable cybersecurity
> standards" that would apply to private companies as well as the
> government. It also would require licensing and certification of
> cybersecurity professionals.
>
> http://www.washingtonpost.com/wp-dyn/content/article/2009/03/31/AR2009033103684_pf.html
>
>
>
>
> Respectfully,
>
> Dave Kleiman - http://www.ComputerForensicExaminer.com
> 4371 Northlake Blvd #314
> Palm Beach Gardens, FL 33410
> 561.310.8801
>
>
>
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: InfoSec Institute
>
> No time or budget for traveling to a training course in this fiscal
> year? Check out the online penetration testing courses available at
> InfoSec Institute. More than a boring "talking head", train in our
> virtual labs for a total hands-on training experience. Get the certs
> you need as well: CEH, CPT, CEPT, ECSA, LPT.
>
> http://www.infosecinstitute.com/request_online_training.html
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: InfoSec Institute
>
> No time or budget for traveling to a training course in this fiscal
> year? Check out the online penetration testing courses available at
> InfoSec Institute. More than a boring "talking head", train in our
> virtual labs for a total hands-on training experience. Get the certs
> you need as well: CEH, CPT, CEPT, ECSA, LPT.
> http://www.infosecinstitute.com/request_online_training.html
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------