By Patience Wait
The Commerce Department has awarded a task order to the International
Information Systems Security Certification Consortium, or (ISC)2, to
provide an expanded information security education program for the
department's information security employees.
The consortium will provide on-site, classroom-based courses for its
Certified Information Systems Security Professional, Systems Security
Certified Professional, and Certification and Accreditation
Professional credentials. Commerce will provide vouchers valid for one
year that its employees may use in (ISC)2 classes.
Nancy DeFrancesco, the chief information security officer for
Commerce, said that she hopes this education and training program will
develop into a center of excellence within the security line of
business established by the Office of Management and Budget.
For the past two years, IT security professionals in the department
had been using the Office of Personnel Management.s online learning
center. But DeFrancesco said she wanted a broader course offering than
that run by OPM, and she wanted to give employees different ways to
"Our component [agencies] were interested in instructor-led training,
and, of course, people learn in different ways," she said. "We also
have a need, with Commerce personnel worldwide, [for a] delivery
capability that reaches around the world... We just saw this as
another outlet that provided more diverse, well-rounded service".
While courses initially will be classroom-based, DeFrancesco said, the
plan is to make them available at the Commerce headquarters in
Washington, for the vouchers to be used by employees around the
country at (ISC)2 venues, and to include Web-based classes.
Classes will begin this month. The first course, for 25 students, is
going to be for CISSP, with the others rolled out over a year.
DeFrancesco said she is already fielding calls from security personnel
asking to enroll.
As for expanding the program into a center of excellence, DeFrancesco
said she had served on the task force for the information security LOB
and became quite familiar with that initiative.
"The secretary of Commerce has imparted the importance of striving for
excellence," she said. "We are, by [the Federal Information Security
Management Act], directed to establish a training program, and if so,
why not one that sets us out as a center of excellence for other
Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.