The new cybersecurity licensing proposal at a glance

Here's how the proposal would work

Q. What does this Senate cybersecurity proposal seek to do?

A. It would require that all government employees and contractors be certified and licensed if they provide cybersecurity services to an agency or for an information system the president designates as critical infrastructure.

Q. How many cybersecurity workers would be affected by the new requirement?

A. Certainly tens of thousands, though precise numbers are difficult to determine because the government does not have a separate job classification for cybersecurity workers.

Q. Is there a difference between certification and licensing?

A. IT certifications traditionally are created and administered by companies and nonprofit industry organizations. Licensing entails some government role in developing or approving the program.

Q. What kinds of training would be included in certification or licensing?

A. The Senate proposal does not state whether the government should use existing commercial programs or develop its own.

Q. Are there any similar requirements already in place in the government?

A. There are no governmentwide programs, but in 2004, the Defense Department started requiring certifications — but not licensing — for all workers who handle information assurance tasks. The requirement applies to 90,000 employees, but only about 30 percent of them have been certified through the program so far.

About the Author

Ben Bain is a reporter for Federal Computer Week.

inside gcn

  • open doors to cloud (Sergey Nivens/Shutterstock.com)

    New vendors join FedRAMP Connect

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group