Cybersecurity credential could make hiring even harder

Few things agitate the workforce more than having the government get involved in deciding who qualifies as a professional in a particular field. Passions are likely to be stirred once again now that the Commission on Cybersecurity for the 44th Presidency is set to recommend to the Obama administration that federal information technology security workers be formally certified for their cybersecurity skills.

The commission is also expected to propose that the certification requirement be extended beyond federal employees and contractors to encompass regulated entities, such as critical infrastructure organizations, reports Kelly Jackson Higgins at DarkReading.

As Higgins points out, the demand for cybersecurity professionals will explode in the near future. The Homeland Security Department wants to hire 1,000 of them, but there simply aren't enough qualified candidates to go around. Requiring formal certification could make it even harder to fill positions — a point that some commission members recognize. Higgins quotes Tom Kellermann, a member of the commission and vice president at Core Security Technologies, as saying that adding certification to the mix could create a monster when it comes to recruiting cybersecurity professionals.

Commission members and former government officials say the commission will recommend that the administration establish a certification body with the same kind of oversight that the National Board of Medical Examiners provides in health care, according to NextGov’s Jill Aitoro. Furthermore, the commission will advise the administration to define a core set of skills that cybersecurity workers must have.

However, Aitoro also quotes an unnamed Air Force official as saying it’s not the government’s job to push certification requirements, which he said he believes will make it harder to recruit talented workers. “Government doesn’t train doctors and lawyers — they hire them,” he said.

In an opinion piece in Federal Computer Week, Daniel Castro, a senior analyst at the Information Technology and Innovation Foundation, said most organizations understand that "simply getting their employees certified will not solve their security challenges." At the federal level, a certification mandate “would be little more than a box-checking activity for agencies,” he added.

The commission’s report, which is due to be published late this month or in early July, will revive a debate that first surfaced last year when Sens. Jay Rockefeller (D-W.Va) and Olympia Snowe (R-Maine) proposed that the Commerce Department establish a licensing and certification program for cybersecurity professionals.

However, another bill under consideration seeks to expand DHS' authority to secure the country's computer systems. If passed, it could wind up giving DHS the power to decide what the new cybersecurity certification will entail.

 

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.