Home About Blog Media Free Courses Workshops

Cybersecurity Disclosure Act of 2019

October 31, 2019

The Senate and the House are both working on a new law aimed to get knowledgeable security experts on the boards of companies. What could go wrong? What could go right?

What Can Go Wrong?

What Could Go Wrong

Inaction at the federal level. As of this writing, the impeachment inquiry vote passed and all of Congress is focused on this. This could mean that bills such as this one will not go through and have to wait for a later time. This just means business as usual as the bad guys continue to attack and businesses do not take cyber security as serious as physical security.

Bill gets watered down. As of this writing, the bill requires someone who fits the NICE Workforce Framework. Hopefully, it stays high enough to thwart the real issue I forsee, Snake Oil Salesman.

Snake Oil Salesman

Slow

It is no surpise to anyone that Cyber security is a lucrative field with negative unemployment, so it is no surpise that people can easily learn the buzz words, make great sales pitches and get the jobs without having the real "keyboard experience" as one director put it who tried to put me down. What's worse is the people at the top of organizations are not educated to catch someone who isn't truly knowledgeable vs. someone who is.

This law, if it passes and takes effect, will once again bring these people out of the woodwork to attempt to get the jobs that they are not truly knowledgable and therefore not qualified to get. It is imperative to educate all levels on cyber security so when it comes to hiring, they choose wise people who will properly steward their organizations. I advocate to focus more on the experience and certifications over degrees, as most seek a Bachelor's in anything, but we have industry certifications that are rigorous enough to prove a candidate's knowledge and experience (CompTIA, ISC2, EC-Council, etc).

What Can Go Right

Cant

Qualified Professionals at the helm. The immediate success is our businesses will have someone who is knowledgeable and experienced in the highest levels working to fight against the ever ending issues we face like ransomware. In 2019, it has become far too prevalent to see everyone hit by ransomware and pay up or close shop. This is not ok and should not be the norm.

What Am I Doing About This / What Can I Do About this?

You can educate yourself at a Community College. I know first hand that the stigma of Community Colleges is no longer a valid claim. Besides the reduced prices for the same classes you can get articulated to a 4 year University, there are qualified people who are teaching courses around the state. Take advantage of them! You can get good discounts to take certification tests and get credit!

You can advocate for certifications and experience over Bachelor's Degrees only. Many qualified professionals who are able to take these jobs don't have that degree, meaning they are unable to serve.

What Am I Doing About This? I will continue teaching at Cabrillo College and the Bay Area Cyber Competitions Program, ensuring that students are receiving the proper training and resources for them to take on these jobs. I do not want to see more Snake Oil Salesman. At the same time, I am gaining more certifications to further my qualifications ahead of this law taking effect to be hirable for these positions.