VA builds security staff

A year ago, the Department of Veterans Affairs was searching for workers who were certified as information systems security professionals. Now it employs 22 of them.

The special certification — the Certified Information Systems Security Professional (CISSP) — can be an instant job ticket into federal agencies these days, especially the VA.

"We look at CISSP certification as one of the things that marks a solid security professional," said Bruce Brody, the VA's cybersecurity chief. "It means that a person understands the common body of knowledge of information security."

When Brody arrived at the VA in March 2001, there were only two CISSPs, including him. Today, there are 22, mostly in Washington, D.C., but one is in Albany, N.Y., and another in Austin, Texas.

Brody said the certification program ensures that an information systems security expert is competent in 10 areas of knowledge, including physical security, encryption, telecommunications and network security, law and ethics. As a result, the VA gets a knowledgeable professional and the employee obtains an important credential for the future, he said.

"It is a new trend in the workplace," Brody said. However, certification isn't easy. The 250-question test was "easily the most difficult exam I've ever taken." The pass rate is about 60 percent.

Alan Paller, director of research at the SANS Institute, an information security education and research group, said that a CISSP certification is an important standard today. In the past, he said, many people who were given responsibility for security "came with no prior knowledge" about the issue.

He said the designation is a "minimum knowledge" for information technology workers responsible for security. "It's a wonderful baseline."

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.