Cybersecurity credential could make hiring even harder

Few things agitate the workforce more than having the government get involved in deciding who qualifies as a professional in a particular field. Passions are likely to be stirred once again now that the Commission on Cybersecurity for the 44th Presidency is set to recommend to the Obama administration that federal information technology security workers be formally certified for their cybersecurity skills.

The commission is also expected to propose that the certification requirement be extended beyond federal employees and contractors to encompass regulated entities, such as critical infrastructure organizations, reports Kelly Jackson Higgins at DarkReading.

As Higgins points out, the demand for cybersecurity professionals will explode in the near future. The Homeland Security Department wants to hire 1,000 of them, but there simply aren't enough qualified candidates to go around. Requiring formal certification could make it even harder to fill positions — a point that some commission members recognize. Higgins quotes Tom Kellermann, a member of the commission and vice president at Core Security Technologies, as saying that adding certification to the mix could create a monster when it comes to recruiting cybersecurity professionals.

Commission members and former government officials say the commission will recommend that the administration establish a certification body with the same kind of oversight that the National Board of Medical Examiners provides in health care, according to NextGov’s Jill Aitoro. Furthermore, the commission will advise the administration to define a core set of skills that cybersecurity workers must have.

However, Aitoro also quotes an unnamed Air Force official as saying it’s not the government’s job to push certification requirements, which he said he believes will make it harder to recruit talented workers. “Government doesn’t train doctors and lawyers — they hire them,” he said.

In an opinion piece in Federal Computer Week, Daniel Castro, a senior analyst at the Information Technology and Innovation Foundation, said most organizations understand that "simply getting their employees certified will not solve their security challenges." At the federal level, a certification mandate “would be little more than a box-checking activity for agencies,” he added.

The commission’s report, which is due to be published late this month or in early July, will revive a debate that first surfaced last year when Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine) proposed that the Commerce Department establish a licensing and certification program for cybersecurity professionals.

However, another bill under consideration seeks to expand DHS' authority to secure the country's computer systems. If passed, it could wind up giving DHS the power to decide what the new cybersecurity certification will entail.

 

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.