[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Security certification rules could shake up IT management
From: InfoSec News <alerts () infosecnews ! org>
Date: 2008-06-26 8:34:25
Message-ID: Pine.LNX.4.61.0806260334160.7893 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.gcn.com/online/vol1_no1/46543-1.html
By William Jackson
GCN.com
06/25/08
Requirements for professional security certification for information
technology workers in civilian agencies, now being readied by the Office
of Management and Budget, would have a major impact on how government
and industry recruit, train and manage their IT staffs, a security
expert said Wednesday.
"They are going to affect every one of us in the field," contractors and
government employees, said George Datesman, a senior manager at Noblis
Inc., a nonprofit high-tech consultant.
Datesman - who holds a master.s degree in criminology and has 30 years
experience in law enforcement including a stint with the Justice
Department - said at a Digital Government Institute conference on
cybersecurity that OMB is finalizing minimum requirements for
professional certification. He had no time frame for their release.
As IT security has become professionalized, a number of certifications
have achieved general recognition industrywide, including a suite from
the International Information Systems Security Certification Consortium
(ISC2). ISC2 maintains and administers examinations for:
* CISSP: Certified Information Systems Security Professional.
* ISSEP: Information Systems Security Engineering Professional.
* ISSAP: Information Systems Security Architecture Professional.
* SSCP: Systems Security Certified Practitioner.
Organizations awarding certifications would have to be accredited to
meet a federal mandate. Datesman likened situation to the
law-enforcement field, which still is sorting out how to fully implement
requirements for increased professional training and education 30 years
after the movement began. Not only would there be new hiring
requirements, there also could be increased responsibility and legal
liability for workers and their employers.
"This is a change we have not faced in the IT security industry before,"
he added.
[...]
_______________________________________________
Attend Black Hat USA, August 2-7 in Las Vegas,
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic