nanog mailing list archives
Re: Ready to get your federal computer license?
From: Valdis.Kletnieks () vt edu
Date: Mon, 31 Aug 2009 15:24:56 -0400
On Mon, 31 Aug 2009 14:06:56 EDT, "Sachs, Marcus Hans (Marc)" said:
(d) CERTIFICATION.-Beginning 3 years after the date of enactment of this Act, it shall be unlawful for an individual who is not certified under the program to represent himself or herself as a cybersecurity professional.
Highly unlikely that 3 years is sufficient time to devise a certification, a testing program, and get enough people certified. 5 years would be much more reasonable. It will probably take over a year just to thrash out what a "certification" is. Consider the vast difference in scope and depth between a CISSP and one of the GIAC certs. (Ghod forbid somebody suggest something rational like "upper managers need a CISSP-ish cert and line emplouees need a relevant GIAC-ish cert.. :)
(e) CERTIFIED SERVICE PROVIDER REQUIREMENT.-Notwithstanding any provision of law to the contrary, the head of a Federal agency may not use, or permit the use of, cybersecurity services for that agency that are not managed by a cybersecurity professional who is certified under the program.
Unintended consequences - will this encourage the head of an agency to instead say "screw it" and *not* use any cybersecurity services?
A question for the NANOG community - if this section were to only apply to US government employees would it be acceptable? In other words, strike any reference to the private sector (except perhaps for those in the private sector who are under contract to perform government work.)
Limiting it to "US government agencies, employees, and contractors" would certainly trim out about 95% of the contentious areas. But it still leaves me, personally, on the hot seat - am I on the hook because I'm responsible for research data that's NSF-funded? ;)
Attachment:
_bin
Description:
Current thread:
- Re: Ready to get your federal computer license?, (continued)
- Re: Ready to get your federal computer license? David Hiers (Aug 31)
- Re: Ready to get your federal computer license? J.D. Falk (Aug 31)
- Re: Ready to get your federal computer license? William Warren (Aug 30)
- Re: Ready to get your federal computer license? David Temkin (Aug 28)
- Re: Ready to get your federal computer license? Valdis . Kletnieks (Aug 31)
- Re: Ready to get your federal computer license? Jason Jenisch (Aug 31)
- Re: Ready to get your federal computer license? Peter Beckman (Aug 31)
- Re: Ready to get your federal computer license? Jack Bates (Aug 31)
- Re: Ready to get your federal computer license? AMuse (Aug 31)
- RE: Ready to get your federal computer license? Sachs, Marcus Hans (Marc) (Aug 31)
- Re: Ready to get your federal computer license? Valdis . Kletnieks (Aug 31)
- Re: Ready to get your federal computer license? David Hiers (Aug 31)
- Re: Ready to get your federal computer license? Peter Beckman (Aug 31)