Skip navigation.
Home

Cyber Security Act of 2009

The Cyber Security Act of 2009 submitted by US senators John Jay Rockefeller and Olympia Snowe looks like it is geared up to be some poor US policy. Joe Stewart has written up a response to it. Joe makes some very valid observations.

To recap the criticism of the bill, there are two big complaints: First is that it gives the president the power to turn off the Internet in an emergency. Second it requires mandatory licensing for "Infosec professionals." The second point is the one I take the most issue with.

Requiring mandatory licensing for a field as dynamic and changing as ours is just a bad idea. There are already a couple of government entities that require the CISSP as a condition of employment. Side-stepping a long winded rant about the CISSP, it is not an accurate measure of knowledge. There has been a concerted effort to liken our field to others such as electricians and general contractors. The problem is that things are changing so fast, any certification is basically worthless as soon as it is issued.

So if you're a US citizen please write your senators and encourage them to revise this bill.

Technology.

The problem with this Act is that technology changes at such a fast rate that governmental bodies cannot keep up. The lag time would make the certification useless at best. casino online