In this fourth article in this five-part series, I look at the controversy surrounding U.S. government proposals for mandatory certification of security professionals.
* * *
On April Fool's Day 2009, senators John D. "Jay" Rockefeller (D-W.V.) and Olympia Snow (R-Maine)> introduced Senate Bill 773, "A bill to ensure the continued free flow of commerce within the United States and with its global trading partners through secure cyber communications, to provide for the continued development and exploitation of the Internet and intranet communications for such purposes, to provide for the development of a cadre of information technology specialists to improve and maintain effective cybersecurity defenses against disruption, and for other purposes." The bill's short title is the "Cybersecurity Act of 2009."
Among other important proposals bearing on the security of critical communications and computing infrastructure, the bill would introduce what Scott Petersen of SearchCompliance.com describes as, "a raft of new federal security standards and certification and licensing requirements that could have major impacts on businesses and security professionals."
Ben Bain ably summarized the key points of the bill about licensing in a June 18, 2009 article in Federal Computer Week.
From what I can tell by reading the pro/con arguments, here's a summary of the arguments. I leave it to readers to make up their own minds.