Trends in Developing a New Cyber ​​Workforce Strategy

White House efforts to bolster the nation’s cybersecurity workforce have taken several new steps in recent months.

September 18, 2022 •

Dan Lohrmann

On July 19, 2022, National Cybersecurity Director Chris Inglis hosted the National Cybersecurity Workforce and Education Summit at the White House.

According to whitehouse.govthe event focused on the following topics:

  • “The need to create and prioritize new skills-based pathways to cybersecurity jobs, including at community colleges, through recorded apprenticeships, and through non-traditional training opportunities for Americans that can help to defend our country and earn a living for themselves and their families. . Training models such as recorded apprenticeships can allow career seekers to earn and learn at the same time while often earning college credits, degrees, and a nationally recognized credential.
  • How, by filling these open cybersecurity positions, the United States has the opportunity to create pipelines for historically untapped talent, including underserved and diverse communities, to reach jobs that often pay well and do not require a degree of four years.
  • How investing in e-learning and education will (1) enable the Americans who form the backbone of our economy – including those building the next generation of our nation’s infrastructure – to succeed in our digital economy; and (2) empowering society to harness cyber capabilities to realize our individual and collective aspirations.

Ginn College of Engineering at Auburn University is committed to integrating the U.S. Department of Energy’s National Cyber-Informed Engineering (CIE) Strategy into all of its engineering and computer science programs.

Cisco is committed to educating an additional 200,000 students in the United States over the next three years and will continue to increase the reach and impact of its efforts. …

The Cyber ​​Readiness Institute (CRI) published a new guide to raising awareness and implementing MFA among SMEs.

Dakota State University highlighted their $90 million investment in a cyber-research initiative supported by a multi-stakeholder public-private partnership. These funds will be used to double the annual number of graduates from Beacom College of Computer and Cyber ​​Sciences over the next 5 years, launch a Governor’s Cyber ​​Academy accessible to all high school students, and build and operate a lab applied research in Sioux Falls, South Dakota.

Fortinet furthers its commitment to closing the cyber skills gap by making its information security awareness and training service available free of charge to all K-12 school districts in the United States”


“The Office of the National Cybersecurity Director at the White House is in the process of drafting a National Cyber ​​Workforce and Education Strategy, according to Camille Stewart Gloster, Deputy National Cybersecurity Director for Technology and Security ecosystems. …

“The workforce plan will span both the public and private sectors and will emphasize training and education. But for federal agencies, the effort should help bring more “cohesion” to what have often been disparate attempts to fill cyber talent gaps, Gloster said Thursday.

Federal IT Week reported on more details and also some figures related to the enormous challenges to come in this field:

“Mark Gorak, senior director of resources and analytics in the DOD’s CIO office, told a panel Thursday that the DOD’s Cyber ​​Excepted service, which has been online since at least 2019, has 15,000 people throughout the department, with an end goal of around 200,000 people on the military and civilian side.

“Other issues ONCD will likely need to consider is diversity, an issue the cybersecurity field has always struggled with.”


“The NICE framework includes the following elements:
  • Categories (7) – A high-level grouping of common cybersecurity functions
  • Specialty Areas (33) – Distinct areas of cybersecurity work
  • Job Roles (52) – The most detailed groupings of cybersecurity jobs comprising specific knowledge, skills, and abilities (KSAs) needed to perform tasks in a job role.

You can visit the site to dive deeper into specialized areas in many categories such as collect and mine, investigate, oversee and govern, and more.

This tool is based on the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NIST Special Publication 800-181, August 2017) and revisions released in late 2020 renaming the framework the Workforce Framework for Cybersecurity (NIST Special Publication 800-181 Rev. 1, November 2020). Please visit the NICE Framework Resource Center for more information.


US Senator Jerry Moran announced the Educational grant of $750,000 for Friends University’s cybersecurity program last week. Funding from the grant will go towards scholarships, technology and equipment:

“US Senator Jerry Moran announced a $750,000 scholarship to Friends University on Friday.

“The dollars will go toward scholarships, technology, and equipment for Friends University’s cybersecurity program. Butler Community College students will also be eligible for cybersecurity scholarships to earn their associate degrees. These degrees can then be transferred to Friends for students to pursue a bachelor’s degree.

“Moran, a Republican from Kansas, called the field of cybersecurity a worthy cause.”


As I covered in many blogs Over the past few years, hiring and retaining talent has continued to be a huge challenge for CISOs and CIOs nationwide. It is particularly difficult in the public sector.

These efforts offer significant steps to strengthen our cybersecurity workforce.

If you’re looking to better understand the NICE framework and how to use it to manage your cybersecurity staff, I like this video from an RSA conference webinar:

Labor and peoplecyber security

Dan Lohrman

Daniel J. Lohrmann is an internationally acclaimed cybersecurity leader, technologist, keynote speaker, and author.

See more stories by Dan Lohrmann

*** This is a syndicated blog from the Security Bloggers Network of Lohrmann on cybersecurity written by Lohrmann on cybersecurity. Read the original post at:

Source link