Can the nation get smart about cybersecurity?
- By William Jackson
- Aug 12, 2011
Declaring that “our nation is at risk” from vulnerabilities in the critical online infrastructure, the National Institute of Standards and Technology has released a draft plan for improving cybersecurity awareness, developing educational resources and creating career paths for IT professionals.
The increasing importance of IT to the economy and in everyday life has made a basic awareness of security a necessity in nearly all aspects of business and daily life. Efforts outlined in the plan for the National Initiative for Cybersecurity Education (NICE) are intended to enhance the nation’s overall cybersecurity posture.
Federal IT security workforce could double in 5 years*
How to get hired fast: Be a cyber pro
“The United States must encourage cybersecurity competence across the nation and build an agile, highly skilled workforce capable of responding to a dynamic and rapidly developing array of threats,” the plan says. Also, “Americans must be made more aware of the tools and practices that can help protect them from the negative consequences that cyber threats represent.”
NICE would help to create a pipeline of skilled IT professionals, beginning with science, technology, engineering and mathematics (STEM) curricula in kindergarten through high school and continuing through professional training, licensing and certification programs.
One objective is for U.S. students to move from middle of the pack in STEM ability to the top in international assessments over the next decade. Beginning in fiscal 2013 federal cybersecurity education budgets are expected to be aligned with these goals.
NICE is a product of the 2009 Cyberspace Policy Review, which recommended creation of a national public awareness and education program to promote cybersecurity. NIST was designated the lead agency for the effort, and will be working in cooperation with the private sector, academia and other federal agencies including the Homeland Security, Education and Defense departments, the National Science Foundation, National Security Agency and the Office of Personnel Management.
The draft plan is a high-level document listing goals and objectives with few specific activities or responsibilities. NIST will hold workshops and conferences to bring together stakeholders and partners in the process and work out specific agendas. A three-day NICE workshop on cybersecurity education is scheduled for Sept. 20 through 22 at the NIST campus in Gaithersburg, Md.
The program’s goals are to:
- Raise awareness among the American public about the risks of online activities, responsible use of the Internet, and cybersecurity as a career path.
- Broaden the pool of skilled workers and encourage interest in STEM disciplines.
- Develop and maintain an unrivaled, globally competitive cybersecurity workforce through education, training, employment, and certification.
Achieving the goals will depend upon creating partnerships for cooperation between broad segments of government, business, non-profits, commercial organizations and academia.
Although improving the security of IT products and enabling professional development are primary objectives of NICE, raising awareness in and providing resources for the general public also are major elements of the program.
“Americans lack authoritative, affordable and readily accessible sources of information on which they can depend to help them distinguish cybersecurity hype from fact and good tools from bad ones,” the plan says. “Government, academia, and industry need to work together to provide resources and tools.”
Improving the level of early computer education is intended to increase awareness, improve digital literacy and strengthen the IT workforce. NICE would establish rigorous academic compute science programs in high school so that students would enter college with requisite skills and knowledge for pursuing degrees in this area, thereby strengthening undergraduate cybersecurity curricula.
Comments on the draft strategic plan should be entered into the Draft-NICE.xls comment template available at http://go.usa.gov/KFw and e-mailed to email@example.com by Sept. 12.
William Jackson is freelance writer and the author of the CyberEye blog.