'Info security for the rest of us'

Information Security Awareness Certification site

The Information Technology Association of America is offering a certification program for workers who have computers but often do not consider security one of their responsibilities.

"This is what we're calling information security for the rest of us," said ITAA president Harris Miller.

The Information Security Awareness Certification is an online test for basic security awareness in eight areas: computer best practices, computer ethics and misuse, identification and data information theft, Internet best practices, passwords, physical security, sensitive information, and viruses and other harmful software.

ITAA developed the test in partnership with Brainbench Inc., a skills assessment company that also administers the test. Measuring the awareness of everyone across an organization according to a common standard should provide managers and clients — be they customers or citizens — greater assurance that security is taken seriously and understood, said Michael Russiello, chief executive officer of Brainbench.

"You can set a goal, and you can hold people accountable to that goal," he said.

Information security awareness for the common computer user is one of the top priorities for the Homeland Security Department's new National Cyber Security Division, and officials are looking to use, enhance and support initiatives that are under way in government and industry, Robert Liscouski, assistant secretary for infrastructure protection who oversees the new division, said at the June 6 briefing announcing the creation of the division.

ITAA is talking with officials from that organization to offer the new certification as one option for testing for increased awareness, Miller said.

"There's been a lot of talk about [security awareness]; this, we believe, will drive action," he said.

Rep. Sherwood Boehlert (R-N.Y.), chairman of the House Science Committee, agreed that while professional information security training is receiving attention and should be receiving funding — in part because of the Cyber Security Research and Development Act of 2002, which he co-sponsored — basic security awareness is just as necessary.

Boehlert's committee staff was one of the first organizations to receive certification under the new program, which means that at least 90 percent of his staff took the test and passed.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.