(ISC)²® (“ISC-squared”) the largest not-for-profit body of certified information and software security professionals worldwide with nearly 110,000 members, announced its concern about U.S. Senate Amendment S.2549 to S.754 —Cybersecurity Information Sharing Act of 2015— that requires the U.S. Department of Homeland Security (DHS) and National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence to develop a certification for existing cybersecurity and information assurance education programs.

The proposed certification will provide training in proper procedure for sharing cyber threat information while protecting sensitive personally identifying information, similar to what is already being accomplished by (ISC)2 and other education and certification bodies.

In a letter delivered this week to U.S. Senator Gary Peters (D-MI), who introduced the latest round of amendments and to various other members of Congress, (ISC)2 officials expressed their concern that cybersecurity is a dynamic field which makes it a challenge for government regulations to keep pace and that conversely, private sector organizations have a long record of successfully keeping certifications current as technologies and their application evolve.

Developing a new certification would be an unnecessary and costly duplication of efforts.

?A more appropriate role for Congress would be to ask all federal government organizations to specify requirements for leveraging the use of existing relevant certifications that map to the framework identified on the National Initiative for Cybersecurity Careers and Studies portal, similar to how the Department of Defense utilizes its 8570 cyber workforce initiative,? says (ISC)2 CEO David Shearer, CISSP, PMP.

?DHS, NIST, and their industry partners have spent considerable resources on mapping existing certifications to the National Cybersecurity Workforce Framework,? says Dan Waddell, CISSP, CAP, PMP, managing director, North America Region, (ISC)