Among the <strong>problems Uncle Sam has in getting and keeping top IT pros</strong>, those who responded to a survey by the International Information Systems Security Certification Consortium want to add "a lack of a defined career path" for federal IT security workers.
In the poll of nearly 700 IT security pros, that "career path" issue was the top reason (75 percent saying so) given for the shortage of federal IT security pros, as eWEEK reports. Nearly half said that current information security certification programs are not turning out people with the needed skills.
As Government Computer News points out, the survey was more focused on the skills gap rather than a manpower shortage in government IT security.The need to improve government IT security grows ever more obvious with each passing day. The question is how to train a work force with the appropriate skills. And what would that "career path" look like?
The article quotes organization President W. Hord Tipton as saying of the CISSP, created in 1993:
We probably built the wrong credential first in terms of a career path.
Because the CISSP, which requires five years of experience in at least two of the domains it covers, it creates a five-year gap between the time when a person enters the work force and when that person can be certified. The organization is focusing more recently on some entry-level certifications. He also criticized college programs generally as not producing job candidates with the skills the industry requires. In that regard, it's like cloud computing in that college programs are scrambling to catch up and generally people learn by doing or are trained on the job.
Neither college programs nor certification programs alone are seen as the answer, but the Consortium is among a group of industry standards bodies warning Congress against a government-run board of examiners to oversee licensing of security professionals. A letter the organization sent to members of Congress urged these measures: