The National Critical Infrastructure Cybersecurity Education plan will focus on industry-specific sectors and K-12 cyber education.
A nonprofit group supported by government, academia and the private sector announced an education and training program to develop the cybersecurity workforce needed to protect the nation’s critical infrastructure.
The National Critical Infrastructure Cybersecurity Education Initiative will build on the framework developed by the government’s National Initiative for Cybersecurity Education (NICE) to produce sector-specific curricula and training programs.
The frameworks, beginning with the health care and public health sector to be launched in 2012, will run the gamut from K-through-12 education through professional training and certification for current workers.
“The NICE framework is at a generic level,” said Deborah Kobza, president of the Global Institute for Cybersecurity and Research, which is running the initiative.
The sector-specific frameworks will specify cybersecurity functions, roles and job descriptions from which education programs can be developed. “It’s not duplicating the NICE framework but taking that as a foundation and specializing it for each sector.”
GICSR is a collaborative effort between industry, the academic community and agencies including the National Institute of Standards and Technology, the Homeland Security Department, NSA and the FBI.
Housed at Exploration Park at the Kennedy Space Center, the institute was developed as part of an effort by NASA to bring aerospace and other high-tech industries into facilities freed up by the shuttering of the space shuttle program and to provide employment and training opportunities for the dislocated workforce.
Center for situational awareness
Among other GICSR initiatives is a Global Cybersecurity Situational Awareness Center to be located at Exploration Park that will provide support and intelligence across multiple industry-specific Information Sharing and Analysis Centers. It is expected to be launched by February for the National Health and the Aviation and Aerospace ISACs, with other ISACS to be added later.
NIST is the lead agency for the National Initiative for Cybersecurity Education. The NICE Cybersecurity Workforce Framework is a work in progress that provides a working taxonomy and common lexicon that can fit into the occupational structure of any industry. NIST is accepting public comment on the current version of the framework until Jan. 27.
About 80 percent of cybersecurity functions, roles and job descriptions will be common across industries, Kobza said.
The national critical infrastructure frameworks developed by GICSR will focus on the 20 percent that is specific to each sector. They will include definitions, job descriptions and responsibilities and will have curricula that can be used by schools as well as professional training and certification programs.
Early cyber education
The frameworks will promote education in science, technology, engineering and mathematics for the youngest students in order to help develop a growing cybersecurity workforce that will be needed in coming years.
“If you don’t catch them in the early years, by high school you’ve lost the opportunity,” Kobza said.
The initiative is beginning with the health care and public health sector because it cuts across many other sectors, Kobza said. GICSR plans to develop that framework through a series of regional meetings to be held early next year and release the final product by mid-year, which Kobza said was an aggressive schedule.
“We are not reinventing the wheel,” she said. “We are leveraging as much as possible to get it out there.”
Additional educational frameworks are expected to be developed for other critical infrastructure sectors, including finance, communications, transportation, energy, supply chain and IT.