Tech groups still worried about cert requirements in Rockefeller-Snowe bill
Three technology trade associations remain worried about provisions in a cybersecurity bill in the Senate that involve certification requirements for cybersecurity professionals.
TechAmerica, the Business Software Alliance, and the Information Technology Industry Council have sent a letter to Sens. John Rockefeller (D-W. Va.) and Olympia Snowe (R-Maine) praising the senators for their efforts to highlight cybersecurity and strengthen cooperation between government and industry on computer security. However, the groups said “in aiming to strengthen a public-private partnership, the bill creates a compliance-focused framework that we think could hamper effective risk management, which we understand is not the intent.”
Under the latest draft of the bill, released on March 17, a presidential administration would collaborate with companies that control critical infrastructure to identify the best training, accreditation, and certification programs for cybersecurity employees. Cybersecurity professionals that do specific types of jobs would have to go through those programs.
The idea of requiring certification and accreditation for industry officials has been controversial since it was proposed in the original draft of the bill last April.
“The technology industry welcomes efforts to shore up the cybersecurity profession and increase the qualified cadre of cybersecurity professionals that are trained to defend our corporate and government networks,” the groups wrote. “However, an employee certification program as currently proposed could be conceived in a way that is too bureaucratic and burdensome, and the implementation of which may not even achieve our mutual goal of improving our cybersecurity workforce.”
The bill cleared the Senate Commerce Committee earlier today and is on its way to the full Senate for further consideration.
Posted by Ben Bain on Mar 24, 2010 at 7:21 PM