AFCEA Answers: Cybersecurity Training Must Encompass All Work Force Needs

For more than a decade, experts have been forecasting a shortage in trained cybersecurity professionals. And the demand for those experts continues as government and industry note an uptick in the number and nature of cyberthreats.

“We absolutely have to have the best and the brightest folks working to help us resolve some of these difficult problems,” Dr. Ron Ross, a fellow with the National Institute of Standards and Technology, said. Speaking on a recent episode of the AFCEA Answers radio program, Ross described a definite shortage of cybersecurity experts at the federal level and acknowledged that the government is competing with industry for the “same scarce resources” when it comes to highly trained cybersecurity personnel.

“It’s not just teaching people how to configure firewalls; it goes deeply into college and university computer science departments and mathematics and engineering. We have to have a skilled work force that understands how to build more resilient computer systems—systems that can withstand these very sophisticated cyber attacks,” he added.

Two educational institutions have adapted cybersecurity education programs to meet the challenges of both the entry level,and also at the “continuing education” level: University of Maryland University College and Carnegie Mellon University. Representatives of both programs offered details on the cybersecurity offerings during AFCEA Answers.

Pat Delaney, associate vice president of Corporate Learning Solutions at University of Maryland University College, said that her school formed an advisory board composed of top information technology and cybersecurity professionals to help guide them in rethinking their cybersecurity programs. “One of the things they decided was that we needed to focus not just on the technical, but also the management and decision making and the organizational aspects of cybersecurity education,” she explained.

Meanwhile, Chris May, technical manager, cybersecurity work force development, Carnegie Mellon University (CMU) CERT Program, said that CMU’s cyber program was established in the late 1980s to address the needs of government when one of the first major cyber attacks took place on an early, pre-Internet computer networks. “The program has been supporting the Department of Defense and the government information technology community for about 25 years,” he said. CMU’s Software Engineering Institute also is a preferred provider and a partner of AFCEA International’s new STEPfwd program, which offers a suite of cybersecurity continuing education classes available to AFCEA members.

May also outlined his most recent trip to the U.S. Army’s Fort Gordon, home of the Army Signal School, and its new efforts to revise personnel categories and training when it comes to cybersecurity. He said the changes stem from new mission areas given to the Army by the U.S. Cyber Command.

“The Army has been looking at innovative ways to improve and speed up the pace of how they provide trained and ready cyber operators, and also to look at ways to do what has been difficult in the past, how to do high-fidelity continuing education training once a particular soldier is out of the schoolhouse,” May explained.

The Army’s efforts to realign cybersecurity training at Fort Gordon are also detailed in the June 2013 edition of SIGNAL Magazine.