Will,
I agree with John, if you could pick a different time I think it would
be a bit better. Please do list your affliation as LOPSA as this is
something I, and I think many members of LOPSA are interested in.
cheers,
ski
On 10/25/2013 06:54 AM, Will Dennis wrote:
(CC'ing Matt since he's currently on vacation, and want him to see
this...)
OK, how about the 9:30-10:30pm slot on Wed 11/6, immediately
following the LOPSA Mentorship BoF? If this doesn't work, pls suggest
an alternate slot...
Also, for the organizer, I can do it, but can I list my affiliation
as "LOPSA" since I can't really speak for the organization (just a
member, not a Board member...)
Thanks, Will
________________________________________ From: Joseph Kern
[[email protected]] Sent: Friday, October 25, 2013 2:15 AM To:
Will Dennis Cc: Pamela Lynn Howell; [email protected] Subject:
Re: [lopsa-discuss] Dan Geer on the state of Professionalization in
Cybersecurity
Looks like we found our organizers! A discussion on what
professionalization (the act of a person becoming professional) will
look like for sysadmin?
On Fri, Oct 25, 2013 at 3:37 AM, Will Dennis
<[email protected]<mailto:[email protected]>> wrote: OK by me -
hope we can get Matt to attend as well as everyone else who's
interested...
-----Original Message----- From: Pamela Lynn Howell
[[email protected]<mailto:[email protected]>] Sent:
Thursday, October 24, 2013 06:17 PM Eastern Standard Time To: Will
Dennis Cc: [email protected]<mailto:[email protected]>
Subject: Re: [lopsa-discuss] Dan Geer on the state of
Professionalization in Cybersecurity
Will!
Let's wrangle a BoF on the topic at LISA! Sounds a lot like a
previous thread started by Matt a few months ago, too.
I want to work on putting this together, seriously.
---pam
On Oct 24, 2013 12:44 PM, "Will Dennis"
<[email protected]<mailto:[email protected]>> wrote: Hmmm. the
URL http://www.sysadmin.com.au/sa-bok.html does not seem to respond
(interestingly, it does ping, but the rDNS is
"mail.sysadmin.com.au<http://mail.sysadmin.com.au>".) Anybody with an
alternate link out there?
Love! This! Discussion! Agree with the NIST definition, and would
LOVE to see LOPSA (and/or LISA) pursue this.
Looking fwd to meeting everyone who is going to LISA this year,
hopefully the conversation can continue there f2f.
- Will
From:
[email protected]<mailto:[email protected]>
[mailto:[email protected]<mailto:[email protected]>]
On Behalf Of Hal Miller Sent: Thursday, October 24, 2013 12:25 PM To:
[email protected]<mailto:[email protected]> Cc: Lopsa Discussion Subject: Re:
[lopsa-discuss] Dan Geer on the state of Professionalization in
Cybersecurity
Geoff Halprin put together a good body of knowledge some years ago.
Don't know whether he's kept it up. Check out
sysadmin.com.au<http://sysadmin.com.au> and look for sa-bok (sysadmin
body of knowledge). At the lesst, it was an excellent starting point
for someone wanting to look into this now.
On Thu, Oct 24, 2013 at 11:21 AM, Ski Kacoroski
<[email protected]<mailto:[email protected]>> wrote: I like this
NIST paper definitions:
http://csrc.nist.gov/nice/documents/a_historical_view_of_how_occupations_become_professions_100312_draft_nice_branded.pdf
'For the purposes of this paper, the operational definition of
profession is "a profession is defined by: (1) a body of knowledge,
(2) ethical guidelines, and (3) a professional organization with a
growing set of published papers and best practices" (Cox, 2010, p.
7).'
Using this definition, we have #2 and part of #3 (e.g. LOPSA and the
USENIX short books and some vendor best practice documents). We are
still missing an up-to-date body of knowledge that people can refer
to and easily find.
cheers,
ski
On 10/24/2013 09:09 AM, Joseph Kern wrote: From the paper[1]:
"A useful, more comprehensive definition can be derived from
suggestions by several speakers at the workshop convened by this
committee.
That definition identifies the following characteristics of a
professional:
(1) passing a knowledge and/or performance test, (2) superior
completion of study of intellectual basis of the profession, (3) a
sustained period of mentored experience/apprenticeship, (4)
continuing education, (5) licensing by a formal authority, and (6)
ethical standards of behavior with enforcement, including removal
from the profession.
A field that possesses all of these characteristics will almost
certainly be recognized as a profession, but not all are required for
a field to be recognized as a profession."
Sysadmin meet the criteria of items 3 and 4, but those seem to be
the least important of the 6 items, as many trades share the exact
same criteria.
[1]: http://www.nap.edu/openbook.php?record_id=18446&page=14
On Thu, Oct 24, 2013 at 7:22 PM, Carolyn Rowland
<[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>> wrote:
Mark,
What is your definition of profession?
Carolyn
On Thu, Oct 24, 2013 at 10:23 AM, M^2
<[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>> wrote:
It took me a long time to figure out that the referenced study/paper
is not using the word profession in the way I would. They explicitly
refer to a profession as meaning it has fixed certifying bodies like
the AMA that serve as a guarantor of a certain body of knowledge, or
some other explicit training/qualification, like a certified
engineer.
Given my widely aired views on the value of certification in general,
my initial revulsion to the statement is softened. I believe that
the paper in question is playing redefinition games, but keeping
their redefinition in mind, it reduces my concern.
It's a long essay that goes into many different areas. I won't
comment on most of it for now at least, but it was an interesting
read, even those parts I disagreed with.
On Thu, Oct 24, 2013 at 9:42 AM, Joseph Kern
<[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>>
wrote:
/"As you know, I work the cybersecurity trade, and I am gratified
that ten days ago the U.S. National Academy of Sciences, on behalf of
the Department of Homeland Security, *concluded that cybersecurity
should be seen as an occupation and not a profession because the rate
of change is too great to consider professionalization.*"/
Dan Geer just gave an amazing keynote (that I am currently writing up
a review for on my blog) and this quote stuck out at me as an
interesting topic of discussion for LOPSA.
Here is the text of the keynote:
http://geer.tinho.net/geer.uncc.9x13.txt Here is the study cited:
http://www.nap.edu/openbook.php?record_id=18446&page=R1
I don't think I've ever heard "rate of change" as being included in a
definition of a Professional before. Does this argument carry any
weight? I imagine Doctors and Lawyers experience a "rate of change"
that is far lower than that of a Systems Administrator or a Security
"Professional".
-- Joseph A Kern
[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
-- Joseph A Kern
[email protected]<mailto:[email protected]>
<mailto:[email protected]<mailto:[email protected]>>
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
-- "When we try to pick out anything by itself, we find it connected
to the entire universe" John Muir
Chris "Ski" Kacoroski, Director of LOPSA,
[email protected]<mailto:[email protected]>, 206-501-9803<tel:206-501-9803>
or ski98033 on most IM services
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________ Discuss mailing list
[email protected]<mailto:[email protected]>
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
-- Joseph A Kern
[email protected]<mailto:[email protected]>
_______________________________________________ Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss This list
provided by the League of Professional System Administrators
http://lopsa.org/
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, Director of LOPSA, [email protected],
206-501-9803 or ski98033 on most IM services
_______________________________________________
Discuss mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/
