'Career Path' Lacking in Federal IT Security?

Susan Hall
Slide Show

Top 15 Tech Certifications in Today's Market

Among the <strong>problems Uncle Sam has in getting and keeping top IT pros</strong>, those who responded to a survey by the International Information Systems Security Certification Consortium want to add "a lack of a defined career path" for federal IT security workers.


The Consortium is the outfit that issues the Certified Information Systems Security Professional (CISSP) certificate, one of the hottest IT certifications around.


In the poll of nearly 700 IT security pros, that "career path" issue was the top reason (75 percent saying so) given for the shortage of federal IT security pros, as eWEEK reports. Nearly half said that current information security certification programs are not turning out people with the needed skills.


As Government Computer News points out, the survey was more focused on the skills gap rather than a manpower shortage in government IT security.The need to improve government IT security grows ever more obvious with each passing day. The question is how to train a work force with the appropriate skills. And what would that "career path" look like?


The article quotes organization President W. Hord Tipton as saying of the CISSP, created in 1993:

We probably built the wrong credential first in terms of a career path.

Because the CISSP, which requires five years of experience in at least two of the domains it covers, it creates a five-year gap between the time when a person enters the work force and when that person can be certified. The organization is focusing more recently on some entry-level certifications. He also criticized college programs generally as not producing job candidates with the skills the industry requires. In that regard, it's like cloud computing in that college programs are scrambling to catch up and generally people learn by doing or are trained on the job.


Neither college programs nor certification programs alone are seen as the answer, but the Consortium is among a group of industry standards bodies warning Congress against a government-run board of examiners to oversee licensing of security professionals. A letter the organization sent to members of Congress urged these measures:


  • Identify multiple sources of information to determine the adequacy of (and gaps in) the current certification process.
  • Weigh whether current and proposed solutions support the goal of achieving a global approach to cyber security.
  • Carefully review empirical evidence to determine the correct approach between knowledge-based and performance-based training.
  • Ensure that certification requirements do not become overly technology-specific.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.