The Department of Homeland Security has developed a document to help address the quickly advancing security professional market place. The document is titled IT Security Essential Body of Knowledge (EBK). This document outlines the skill sets necessary for different security focus areas. To help tweak this document, and ensure that it meets the requirements of the industry, DHS has put out a request for comments about the documents contents.
Purpose
The EBK draft document has undergone initial review through several working groups and through a series of role-based focus groups with members that serve or have served in IT security roles across the government, industry, and academia. Our purpose is to receive a larger audience review through the Federal Register process prior to finalization of the document and public promotion of its use.
As the Security Catalyst Community is very interested in the development of security professionals, we have begun an effort to review and comment on the contents of the document. (Thank you for the kick, Faith.)
So far I have been managing the review effort via email. Several well known security professionals have stepped forward and will be contributing to this effort. So far the list includes: Rich Mogul, Ron Woerner, Andrew Hay, Rebecca Herold, Michael Santarcangelo, Andy Willingham, David Mortman, Brett Lewis, Martin McKeay, and Landon Lewis. Hopefully more will be added soon.
Besides email, one of the resources we have been using is ScribbleWiki. This is where you, the reader, come into play. If you would like to contribute to the SCC comments you can do so by providing your input at the Security Catalyst Community’s DHS IT Security EBK Response page. Right now there is only input from myself, but in the coming days there should be more comments relating to the different subject areas.
Comments for the document are due by December 7th, 2007. Please provide your input to the ScribbleWiki site or by emailing me directly. On December 6th I will consolidate the comments from the Wiki and emails into the proper documentation. On the 7th I will add any stragglers and then submit the document to DHS.
Remember, there is potential that organizations will use this document to determine where their security professionals should be as they start considering them for hiring or promotions. If you think that something is missing, out of focus, or too much you need to let them know now. This is the Design phase, it is going to be much harder to change once the owners of this document move it into the Implementation phase.
Go forth and do good things,
Don C. Weber
SCC, DHS, security, EBK, Security Ripcord