|
|
Sponsored Content
Special Forums
Cybersecurity
IT Security RSS
Security Certification – Standards for the Government IT Workforce
Post 302213320 by Linux Bot on Wednesday 9th of July 2008 07:30:04 PM
07-09-2008
Security Certification – Standards for the Government IT Workforce
According to a recent GCN article, the federal government (civilian agencies) may be releasing a standardized list of security professional certifications required by the IT workforce that could see lasting benefits, however initial incur some immediate challenges.
Benefits:
The most obvious benefit would be the development of an assurance baseline for government security programs. Through the issuance of minimum qualification requirements for each staff position, the government could reduce staff qualification deficiencies, and optimize costs needed for an highly trained IT security workforce. The government must be agile, and must understand the competency of their security staff and IT professionals to maximize results. This could also establish a limited playing field for IT security firms, and idealize the importance certification offer, as it has achieved in the private sector.
Challenges:
Where does this certified workforce come from? As minimum requirements are published, it will require them to be phased in to allow a transition for existing staff through both fasttrack certification programs, and to enable organization to find staff to meet their immediate needs for IT security practitioners that have the appropriate credentials and background investigations. This also will require certification agents (to include ISC(2)) to actively qualify their organization's credentials to ensure current staff can qualify themselves under the new certification requirements. Other challenges would include increased recruiting costs, additional training costs for existing staff (including attending certification programs), and a wider adoption of specialized security certifications.
Conclusion
I see this as an essential step forward for ensuring the federal government workforce has the competency to meet the changes faced in the IT security landscape, and can appropriately meet the future challenges in this diverse and evolving field. I also think more specialized sector track will begin to emerge out of the transition, giving security practioners more focused and specialized security roles.
More...
Benefits:
The most obvious benefit would be the development of an assurance baseline for government security programs. Through the issuance of minimum qualification requirements for each staff position, the government could reduce staff qualification deficiencies, and optimize costs needed for an highly trained IT security workforce. The government must be agile, and must understand the competency of their security staff and IT professionals to maximize results. This could also establish a limited playing field for IT security firms, and idealize the importance certification offer, as it has achieved in the private sector.
Challenges:
Where does this certified workforce come from? As minimum requirements are published, it will require them to be phased in to allow a transition for existing staff through both fasttrack certification programs, and to enable organization to find staff to meet their immediate needs for IT security practitioners that have the appropriate credentials and background investigations. This also will require certification agents (to include ISC(2)) to actively qualify their organization's credentials to ensure current staff can qualify themselves under the new certification requirements. Other challenges would include increased recruiting costs, additional training costs for existing staff (including attending certification programs), and a wider adoption of specialized security certifications.
Conclusion
I see this as an essential step forward for ensuring the federal government workforce has the competency to meet the changes faced in the IT security landscape, and can appropriately meet the future challenges in this diverse and evolving field. I also think more specialized sector track will begin to emerge out of the transition, giving security practioners more focused and specialized security roles.
More...
|
|
6 More Discussions You Might Find Interesting
1. News, Links, Events and Announcements
http://slashdot.org/article.pl?sid=04/06/24/0135208&mode=thread&tid=106&tid=185 (0 Replies)
Discussion started by: norsk hedensk
0 Replies
2. Red Hat
Hi all,
Thanks for reading and any posts.
Quick question, has anyone out there got any suggestions for standards of security for Redhat enterprise 3. We are making an RAC cluster Oracle application using Oracle 9i (hopefully moving to 10g sooner rather than later).
Thanks again for any... (0 Replies)
Discussion started by: B14speedfreak
0 Replies
3. Solaris
Hi All,
Thanks in advance for reading and any posts.
I was wondering if anyone has come across or can recomend or has any security standards that we could implement. We are running production Oracle systems on Solaris 8 boxes (which are global). We are after security considerations... (4 Replies)
Discussion started by: B14speedfreak
4 Replies
4. News, Links, Events and Announcements
By Robert McMillan, IDG News Service, 06/15/07
Red Hat Linux gets top government security rating (0 Replies)
Discussion started by: Neo
0 Replies
5. Cybersecurity
Hi All
I am not sure this is the right place to ask this question.
I am from India ( Mumbai ) .I am in IT industry ( as Application developer / System support ) for nearly 4 years i dont have any direct security related work experience but i did work on cryptography & Access control in 2... (4 Replies)
Discussion started by: zedex
4 Replies
6. What is on Your Mind?
Hi guys,
What do you think about these certifications? (18 Replies)
Discussion started by: Luca.Francesca
18 Replies
LEARN ABOUT DEBIAN
vitacilina
Vitacilina(3pm) User Contributed Perl Documentation Vitacilina(3pm) NAME
Vitacilina - AXAh, quA~X buena medicina! DESCRIPTION
A simple feeds engine exporter that uses YAML to get list of feeds and TT as templating system. Some people would call it an aggregator. It was intended to be a reliable Planet (<http://planetplanet.org>) alternative, then some development ideas evolved into rFeed (http://github.com/damog/rfeed). Vitacilina runs on production services on a couple of systems. SYNOPSIS
use Vitacilina; my $v = Vitacilina->new( config => 'config.yaml', template => 'template.tt', output => 'output.html', limit => '20', ); $v->render; FILES
config The "config" parameter specifies the path to a YAML file specifying a list of feeds. Use this format: http://myserver.com/myfeed: name: Some Cool Feed http://feeds.feedburner.com/InfinitePigTheorem: name: InfinitePigTheorem ... template A "Template::Toolkit" file which will be taken as the template for output. Format: [% FOREACH p IN data %] <a href="[% p.permalink %]">[% p.title %]</a> by <a href="[% p.channelUrl %]">[% p.author %]</a> <br /> [% END %] The "data" is an ordered array with a bunch of hashes with the simple data such as "permalink", "title", "channelUrl", "author", etc. output File path where the output will be written. EXAMPLES
Take a look at the "examples/" directory for fully working example. SEE ALSO
Git repository is located at <http://github.com/damog/vitacilina>. Also take a look at the Stereonaut! blog where similar developments from the author are announced and sampled, <http://log.damog.net/>. AUTHOR
David Moreno, david@axiombox.com. Alexandr Ciornii contributed with patches. COPYRIGHT
Copyright (C) 2009 by David Moreno. This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. perl v5.10.1 2009-11-29 Vitacilina(3pm)