Quick Quip: Capability, Reliability and Liability…Security Licensing
Earlier today, I tweeted the following and was commented on by Dan Kaminsky (@dakami):
@beaker “In general, security engineers are neither.”
— Dan Kaminsky (@dakami) November 28, 2012
…which I explained with:
We practice and focus on physical infrastructure, network and application security as relevant discipline slices, but “information?”…
— [Christofer] Hoff (@Beaker) November 28, 2012
This led to a very interesting comment by Preston Wood who suggested something very interesting from the perspective of both leadership and accountability:
@beaker @dakami It’s time for a degreed or licensed requirement for security decision makers – just like other critical professions
— Preston Wood (@preston_wood) November 28, 2012
…and that brought forward another insightful comment:
@beaker @dakami would be nice if there were engineers out there that did accept liability.It’d end charlatanism quickly.
— ǝɔʎoſ ʇʇɐW (@openfly) November 28, 2012
Pretty interesting, right? Engineers, architects, medical practitioners, etc. all have degrees/licenses and absorb liability upon failure. What about security?
What do you think about this concept?
/Hoff
Recent Comments