Home > Uncategorized > Not Enough Qualified Security Professionals?

Not Enough Qualified Security Professionals?

The Partnership for Public Service and Booz Allen Hamilton recently released the results and conclusions of a study they conducted concerning cyber attack-related risks that the US government faces. One overall conclusion of the study is that the US government will probably experience a shortage in the number of well-qualified information security professionals that it will have. Several factors, according to the study, contribute to the problem:

– A lack of well-qualified information security professionals in the first place

– The US government’s decentralized culture concerning human resource needs

– The hiring process itself. US government agencies and departments bungle their way through the hiring process. Many well-qualified information security professionals give up, rather than allow themselves to be strung along for many months without any progress in their effort to be hired.

– Front-line hiring managers and government personnel specialists do not see eye-to-eye concerning the qualifications information security specialists are supposed to have. Consequently, many well-qualified security professionals are not recognized as such, so they are overlooked in the hiring process.

Although part of the results and conclusions seem plausible to me, saying that there is a lack of well-qualified information security professionals smacks of something less than competent judgment for two reasons:

– In these hard times, we have a glut of exceptionally well-qualified information security professionals who are without work. I know many such individuals well, and I know first hand what many of them know and are capable of accomplishing. A large percentage of these individuals would love to have a job with the US government right now. Apparently, the US government as well the Partnership for Public Service and Booz Allen Hamilton are simply not aware of them and do not know how to connect with them, very possibly because none of the above is truly in the mainstream of information security.

– By saying what they have said, the Partnership for Public Service and Booz Allen Hamilton have in effect impugned the reputation of information security itself. Perhaps these entities are not aware of the diligent efforts of great pioneers in this arena such as Hal Tipton and Micki Krause who spearheaded efforts to develop a Common Body of Knowledge and, ultimately, CISSP certification. It seems to me that the minimum qualifications for being a “well-qualified information security professional” would be a certain amount of practical experience in the arena and CISSP certification. The Partnership for Public Service and Booz Allen Hamilton do not seem to agree, however.

The rest of the surveyís findings make sense, but then again, the rest of the findings really only echo the obvious. Yes, we all know that a significant part of the US government’s problems is due to the fact that it is such a decentralized entity and that it is neither designed nor prepared to move forward on virtually any issue very quickly. I thus must question the value of the Partnership for Public Service and Booz Allen Hamilton’s study. Perhaps we can at least take heart in the fact that by paying these entities to conduct this survey, the US government has stimulated our ailing economy.

Categories: Uncategorized Tags:
  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.