Since the 60-Day Cyberspace Policy Review wasconducted under the Obama administration, there has been emphasis of the lack of cybersecurity in America. With the Technolytics Institute, a cyber think tank based in Pennsylvania, findings that nonmilitary government organizations had been hacked 128 times a minute in March by alleged Chinese hackers, no wonder cybersecurity has increasingly become a big part of defending national security.
Sens. Jay Rockefeller (D-WV) and Olympia Snowe (R-ME) have co-written a bill proposing national certification and licensing of cybersecurity experts and professionals through the Department of Commerce. The proposal is still in its first stages, and there is currently no government training program for those who work to protect government information.
Advocates believe the bill will help forward U.S. cybersecurity and better prepare information personal in this new technology-driven age. Those opposed believe new government mandate and oversight would hinder cybersecurity research and development and eventually lead to a U.S. lag in cybersecurity; industry would not be able to evolve and adapt to new cyber technology efficiently.
Department of Defense efforts in 2004 to certify 90,000 military, management and contract employees in cyber security may be used as a model for the national program. DoD states success of its program, but currently only 30 percent of workers have been certified.
As explained by Alan Paller, research director at the SANS Institute, the national certification program may not be specific enough to make an impact on maintaining government cyber security.
“My sense is if we care about this enough to make it a national law, we ought to make it much more technical and much more sophisticated,” he said.
If passed, the bill would require certification for IT professionals all across the cyber industry, including both government personnel and government contractors, as well as companies that currently supply information assurance certifications and training.