U.S. Army finds IT security certification difficulties

FRAMINGHAM, Mass. — The U.S. Army is having a hard time manning its IT staff because it cannot find military personnel with the right networking and IT security qualifications.
 
The Department of Defense (DOD) Directive 8570.01-M is a military regulation first published in 2005 with considerable detail on the workplace and related training and certifications that military personnel — and now contractors as well — must have to operate DOD-related information systems for information assurance purposes. But the problem for the Army at this point is that it doesn’t have enough personnel with the required training, said Lisa Lee, information assurance program manager for the Army’s enterprise information systems.

 
To cope with the shortage of certified personnel, the Army is altering its guidelines so that not as many individuals working in areas it calls “an enclave boundary” — defined as a specific set of routers and firewalls — will have to meet the previous requirements, said Lee, who spoke on the topic on behalf of the Army at the recent FOSE Conference in Washington, D.C.
 
With that change, the individuals who have the higher security credentials the military wants will be granted higher network administrative privileges and those at a lower certification level will have less, and likely make less money, she noted. “I was forced to do it,” she said. “We have some good people having trouble passing the tests. They’re just not good test takers.”
 
The alphabet-soup of security certifications, many of them well-known to the private sector, include specific sets of requirements oriented toward various designated security levels and network and operating environment, as listed on the Defense Information Systems Agency website www.disa.mil. The certifications include A+CE, Network+CE, SSCP, GSEC, CISA, GSE, CISSP, GSLC and several more.
 
The Army pays for a lot of baseline training and certification for personnel through vouchers, but the problem now is that “the vouchers run out” and the Army is on the lookout for “as much free stuff” as it can get, Lee said. Contractors are responsible for paying for their own training, she said. And for some types of certifications, Army personnel have to shell out on their own, she added.
 
Lee also noted that if someone is a “valued employee, they’ll put you in another job” if a staffer fails to get specified certification. She said she’s seen people with IT security certifications who weren’t as good in their jobs as those who weren’t similarly certified.
(From Network World U.S.)
 

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now