Cybersecurity Workforce Training and Development

advertisement
Bill Newhouse
Two Government Cybersecurity Initiatives
NIST
Agenda
1. An overview of the National Initiative for Cybersecurity
Education (NICE) including - What is your role in it?
2. An overview of the soon-to-released "Trustworthy
Cyberspace: Strategic Plan for the Federal Cybersecurity
Research and Development Program" - Why it matters to you?
Interagency Process led by NIST
Component 1: Cybersecurity Awareness
Component 2: Formal Cybersecurity Education
Component 3: Cybersecurity Workforce Structure
Component 4: Cybersecurity Workforce Training and Development
National Initiative for Cybersecurity Education (NICE)
NICE Accomplishments
•
Completed the public review period on October 3rd for the draft Strategic
Plan which identifies goals and objectives of the initiative.
•
Introduced the NICE Cybersecurity Workforce Framework for public
comment until December 2011. The framework can be overlaid onto any
organization’s existing occupational structure and is designed to baseline
capabilities, identify skill gaps, develop cybersecurity talent in the
workforce, and prepare the pipeline of future talent.
•
Hosted 2nd Annual NICE Workshop, “Shaping the Future of Cybersecurity
Education – Engaging Americans in Securing Cyberspace”, with over 300
attendees from academia, government and industry.
National Initiative for Cybersecurity Education
Draft Strategic Plan
1. Raise awareness among the American public about the
risks of online activities.
2. Broaden the pool of skilled workers capable of
supporting a cyber-secure nation.
3. Develop and maintain an unrivaled, globally competitive
cybersecurity workforce
http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf
National Initiative for Cybersecurity Education
Future Plans
Promote the NICE Cybersecurity Workforce Framework
Seven high-level categories, each comprising several specialty areas.
Organizing structure is based on extensive job analyses and groups together work and
workers that share common major functions, regardless of actual job titles or other
occupational terms.
As the job analysis information regarding these specialty areas is extensive, only the
framework is published here.
Additional details regarding each specialty area, as well as more information about the
framework in general, is available online.
http://csrc.nist.gov/nice/framework/
Trustworthy Cyberspace:
Strategic Plan for the Federal Cybersecurity Research and Development Program
As a research and development strategy, this plan defines four thrusts:
Inducing Change: utilizing game-changing themes to understand the underlying root
causes of existing cybersecurity deficiencies with the goal of disrupting the status quo
Developing Scientific Foundations: minimizing future cybersecurity problems by
developing the science of security
Maximizing Research Impact: catalyzing coordination, collaboration, and integration of
research activities across Federal agencies for maximum effectiveness
Accelerating Transition to Practice: expediting improvements in cyberspace from
research findings through focused transition programs
Trustworthy Cyberspace:
Strategic Plan for the Federal Cybersecurity Research and Development Program
Themes for Inducing Change:
Tailored Trustworthy Spaces
Supporting context specific trust decisions
Moving Target
Providing resilience through agility
Cyber Economic Incentives
Providing incentives to good security
Designed-in Security
Developing and evolving secure software systems
Download