Consortium forms government IT security board
Thirteen senior government information security professionals have agreed to serve on an advisory board to help define certification needs for IT security professionals.
Thirteen senior government information security professionals have agreed to serve on an advisory board to help define certification needs for IT security professionals.
The board was created by the International Information Systems Security Certification Consortium (ISC2), which provides training and testing for the Certified Information Systems Security Professional certification. The board will advise ISC2 on certification and training needs specific to government.
The board will be co-chaired by Bruce A. Brody, associate deputy assistant secretary for cyber and information security at the Veterans Affairs Department, and ISC2 director of government affairs Lynn McNulty.
"It's all about professionalization," Brody said. The CISSP certification is widely known in industry, "but not that widely known in government. ISC2 is looking for a way to take what has been accomplished in industry and adapt it for the government. To do that, they need to know government's unique needs."
CISSP covers a general body of knowledge about IT security. "We operate in a completely different environment, with legislation, regulatory and oversight requirements," Brody said of government IT professionals. ISC2 is looking for advice on how to adapt its certifications to government needs, or to create new government- or agency-specific certifications.
"For the last couple of years, there has been a lot of talk about how the government needs to lead by example in cybersecurity," said McNulty, former associate director for computer security at the National Institute of Standards and Technology. "We think increasing the professionalism of the government IT security work force is key to leading by example. As a former fed I'm very sympathetic to what the government is trying to do."
McNulty said the government committee is the first of what is expected to be a series of advisory boards focusing on separate sectors. The government sector came first because of the call to lead by example and because its needs "are a little more complex" due to the amount of classified and sensitive information government systems hold.
The board's first meeting will be June 4 in Washington and it is expected to meet at least three times a year. McNulty said there is no timetable for producing the first recommendations.
All board members are CISSP-certified. They are:
NEXT STORY: Deloitte Consulting names Robinson CEO