(ISC)2 officials expressed their concern that cybersecurity is a dynamic field which makes it a challenge for government regulations to keep pace.
(PRWEB) August 26, 2015
(ISC)²® (“ISC-squared”) the largest not-for-profit body of certified information and software security professionals worldwide with nearly 110,000 members, today announced its concern about Amendment S.2549 to S.754 – Cybersecurity Information Sharing Act of 2015 that requires the U.S. Department of Homeland Security (DHS) and National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence to develop a certification for existing cybersecurity and information assurance education programs. The proposed certification will provide training in proper procedure for sharing cyber threat information while protecting sensitive personally identifying information, similar to what is already being accomplished by (ISC)2 and other education and certification bodies.
In a letter delivered this week to U.S. Senator Gary Peters (D-MI), who introduced the latest round of amendments and to various other members of Congress, (ISC)2 officials expressed their concern that cybersecurity is a dynamic field which makes it a challenge for government regulations to keep pace, and that conversely, private sector organizations have a long record of successfully keeping certifications current as technologies and their application evolve. Developing a new certification would be an unnecessary and costly duplication of efforts.
“A more appropriate role for Congress would be to ask all federal government organizations to specify requirements for leveraging the use of existing relevant certifications that map to the framework identified on the National Initiative for Cybersecurity Careers and Studies portal, similar to how the Department of Defense utilizes its 8570 cyber workforce initiative,” says (ISC)2 CEO David Shearer, CISSP, PMP.
“DHS, NIST and their industry partners have spent considerable resources on mapping existing certifications to the National Cybersecurity Workforce Framework,” says Dan Waddell, CISSP, CAP, PMP, managing director, North America Region, (ISC)² director of U.S. government affairs. “I believe we share the sentiment of many of the industry’s other certification/training bodies in questioning whether this proposed amendment is really the most effective approach given today’s dynamic threat environment and the government’s immediate need to recruit, hire and train qualified information security professionals.”
Formed in 1989, (ISC)² is the largest not-for-profit membership body of certified information and software security professionals worldwide, with nearly 110,000 members in more than 160 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Information Systems Security Professional (CISSP®) and related concentrations, as well as the Certified Secure Software Lifecycle Professional (CSSLP®), the Certified Cyber Forensics Professional (CCFPSM), Certified Cloud Security Professional (CCSPSM), Certified Authorization Professional (CAP®), HealthCare Information Security and Privacy Practitioner (HCISPP®), and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at http://www.isc2.org.
© 2015, (ISC)² Inc., (ISC)², CISSP, ISSAP, ISSMP, ISSEP, CSSLP, CAP, CCFP, HCISPP, SSCP and CBK are registered marks, and CCSP is a service mark, of (ISC)², Inc.