Federal Cyber Service
Training and Education
Initiative
CICG Personnel, Training and
Education Subgroup
Mark Montgomery
National Security Council
November 9, 1999
202-456-9361
Five Initiatives to Train Federal IT
Personnel
• IT Occupational Study
• Centers for IT Excellence
• Scholarship for Service Program
(Cyber Corps)
• High School and Secondary School
Programs
• IT Security Awareness Program for the
Federal workforce
CIAO.0147 - Mar. 99 - 2
IT Occupational Study
Continue the funding of the OPM study which is:
•
Providing an estimate and description of the types federal IT jobs
•
Better defining the information security competency requirements of federal IT
jobs
•
Identifying the training needs of federal IT personnel
•
Estimating the number of IT jobs and vacancies
When completed OPM will use the study to:
•
Develop new IT “job family” and IT specialty titles
•
Develop competency based job profile pilot for IT personnel
•
Use the data to review and design IT compensation system
CIAO.0147 - Mar. 99 - 3
Center(s) for IT Excellence
Purpose is to train and certify USG IT workers.
•
We need to establish the standards to which we will train and certify our IT
workers on security issues, in doing so we should leverage both the DOD work
in developing IT certification and training programs, the NSTISSC standards,
non-DOD agency IT programs and respected civilian certification programs.
•
Many agencies have excellent IT training programs, and many workers have
certifications. Ensure the new standards account for and accredit existing
federal agency IT training programs and workers
•
Courses should be mix of classroom and CD-ROM or web-based distance
learning
•
Planned initial courses and certification are for System Administrators and
ISSO’s. This will later expand to include other IT worker certifications/ training.
•
The Centers could be USG activities (NIST/OPM/USDA/DISA..), private sector,
or universities. All must be accredited to meet the established standards.
•
Estimated initial throughput is 5,000 IT security students per year, this will grow.
Costs will decrease as quality/quantity of web based training programs grow.
CIAO.0147 - Mar. 99 - 4
Scholarship for Service Program
Program to recruit information systems specialists into USG service
as IT security managers and experts.
•
First step is to develop standards for program and identify universities to work
with. Will use the model of the NSA Centers of Academic Excellence program
(itself based on NSTISSC standards) to identify universities/colleges with IT
security programs which can be accredited.
•
Up to 300 students per year - mix of undergraduate and graduate students
•
Pay for junior and senior years of undergraduate work, or both years of M.S.
•
Will examine 2-year colleges for potential AS/AA programs
•
This includes summer work programs at federal agencies/Labs, certification
programs, conferences for students (a significant cost)
•
May look towards universities with existing IA R&D relationships with USG to
leverage this investment
•
Will look to develop programs at historically black and hispanic schools
•
Will examine alternatives for funding university IT security faculty development
CIAO.0147 - Mar. 99 - 5
High School and Secondary School
Programs
Purpose of this program is to identify possible USG IT security
employees who could be hired directly from high school. Also
will attempt to improve the quality of computer security
education in high school and secondary schools
•
High school junior and seniors would be recruited for summer camps and
internship programs that could lead to USG IT training and certification and
federal job offers.
•
Support for programs such as the National Educational Technology Standards
(already supported by Department of Education) for implementing standards in
teaching secondary school students computer security practices and ethics.
Develop web sites to provide teachers with suggested IA curriculums.
CIAO.0147 - Mar. 99 - 6
IT Awareness Program for Federal
Workforce
This program will provide tools for each agency to administer an IT
security awareness program to its entire federal workforce
•
Develop IT awareness tools, leveraging existing DOD and federal agency
programs (Some outstanding programs exist/in development).
•
Provide IT awareness program tools at an available web-site or via CD-ROM
•
Ensure the course content is periodically reviewed and upgraded
•
Many agencies already have existing programs that provide satisfactory
workforce IT security awareness
CIAO.0147 - Mar. 99 - 7
Budget Breakdown
FY 2001
FY2002
Center for IT Excellence
10.9m
7.9m
Scholarships for Service
12.9m
23.4m
High School Programs
1.3m
0.8m
IT Occupational Study
0.7m
0.0m
TOTAL
24.8m
32.1m
CIAO.0147 - Mar. 99 - 8
Proposed FY 2000 Amendment
PROGRAM
NEW MONEY
AGENCY
Center for IT Excellence
5.75m
OPM
Scholarships for Service
8.5m
OPM/NSF
High School Programs
1.3m
OPM
IT Occupational Study
1.3m
OPM
TOTAL
16.85m
CURRENT
1.0
1.0
CIAO.0147 - Mar. 99 - 9
Next Steps
•
Establish Standards for Training and Certifying USG IT workers - use NSTISSC
– Solicit potential CITE
– Evaluate Existing Federal IT Training Programs - determine if integration is
possible
– Solicit agency participation (funding for first year?)
•
Establish requirements for accrediting Universities to train SFS program
members - use NIETP (derived from NSTISSC standards)
– Solicit potential Universities (start with NIETP - 16)
– Initiate student recruitment
– Evaluate methods for supporting/promoting IT Faculty development
•
Using existing models, develop a federal IT awareness training tool, and
distribute to Agencies (web based)
•
Complete OPM IT Occupational Study - develop recommendations for IT job
descriptions, training and retention
CIAO.0147 - Mar. 99 - 10