Cybersecurity credential could make hiring even harder

Few things agitate the workforce more than having the government get involved in deciding who qualifies as a professional in a particular field. Passions are likely to be stirred once again now that the Commission on Cybersecurity for the 44th Presidency is set to recommend to the Obama administration that federal information technology security workers be formally certified for their cybersecurity skills.

The commission is also expected to propose that the certification requirement be extended beyond federal employees and contractors to encompass regulated entities, such as critical infrastructure organizations, reports Kelly Jackson Higgins at DarkReading.

As Higgins points out, the demand for cybersecurity professionals will explode in the near future. The Homeland Security Department wants to hire 1,000 of them, but there simply aren't enough qualified candidates to go around. Requiring formal certification could make it even harder to fill positions — a point that some commission members recognize. Higgins quotes Tom Kellermann, a member of the commission and vice president at Core Security Technologies, as saying that adding certification to the mix could create a monster when it comes to recruiting cybersecurity professionals.

Commission members and former government officials say the commission will recommend that the administration establish a certification body with the same kind of oversight that the National Board of Medical Examiners provides in health care, according to NextGov’s Jill Aitoro. Furthermore, the commission will advise the administration to define a core set of skills that cybersecurity workers must have.

However, Aitoro also quotes an unnamed Air Force official as saying it’s not the government’s job to push certification requirements, which he said he believes will make it harder to recruit talented workers. “Government doesn’t train doctors and lawyers — they hire them,” he said.

In an opinion piece in Federal Computer Week, Daniel Castro, a senior analyst at the Information Technology and Innovation Foundation, said most organizations understand that "simply getting their employees certified will not solve their security challenges." At the federal level, a certification mandate “would be little more than a box-checking activity for agencies,” he added.

The commission’s report, which is due to be published late this month or in early July, will revive a debate that first surfaced last year when Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine) proposed that the Commerce Department establish a licensing and certification program for cybersecurity professionals.

However, another bill under consideration seeks to expand DHS' authority to secure the country's computer systems. If passed, it could wind up giving DHS the power to decide what the new cybersecurity certification will entail.

 

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.