Cybersecurity Workforce Awareness
It’s now clear that this cyber threat is one of the most serious economic and national security challenges we face as a nation. It’s also clear that we’re not as prepared as we should be, as a government or as a county.
We not only have a shortage of the highly technically skilled people required to operate and support systems we have already deployed, we also face an even more desperate shortage of people who can design security systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate, and reconstitute systems after an attack.
A Human Capital Crisis in CyberSecurity , 2010
The cybersecurity workforce crisis is a complex problem. There is not only a shortage of workers but also a lack of skills among many of those already in the workforce. We have not yet established a pipeline of new workers for the future. Several ongoing issues exacerbate this. First, industry professionals confuse definitions of CyberSecurity and Information Assurance. Second, specific cybersecurity skills and a taxonomy of CyberSecurity roles are still evolving. Third, in the K12 domain, there has been significant recent attention devoted to cyberawareness efforts, however, there is a need to differentiate between awareness and workforce development programs. CyberWatch has been on the forefront of advocacy in enlightening students, parents, educators and the general citizenship to: the career opportunities in cybersecurity, the plethora of options and pathways, and the broader set of skills needed to meet the growing demands of the 21st Century CyberSecurity workforce.
The CyberWatch K12 Division promotes careers in CyberSecurity through a variety of venues to include: Cool Careers in CyberSecurity Workshops and an Annual Cool Careers in CyberSecurity for Girls Workshop, Annual Careers in CyberSecurity for School Counselors, Professional Development for Educators, Speakers, a multitude of Programs, Mid-Atlantic CCDC High School Shadowing, Career Fair and Expo, and a range of materials and resources. The CW K12 Division also helps support: CSSIA’s High School Network Security Competition, the DC3 Digital Forensics Challenge, the US Cyber Challenges, and the CyberPatriot.
For some, CyberSecurity focuses on the technical aspects of computer defense: the safety of computers and computer systems in a networked environment, while Information Assurance focuses on confidentiality, integrity, availability and validation of data, and therefore CyberSecurity is a subset of Information Assurance. However, others, particularly the Department of Defense, state that IA is a subset of CyberSecurity , and CyberSecurity includes management of the risks associated with computers and networks and mission assurance. The CyberWatch K12 Division does not concern itself with the subtleties of the differences; it lives in the intersection of the definitions. We define here CyberSecurity in our context.
It seems that everything relies on computers and the internet now — communication (email, cellphones), entertainment (digital cable, mp3s), transportation (car engine systems, airplane navigation), shopping (online stores, credit cards), medicine (equipment, medical records), and the list goes on. How much of your daily life relies on computers? How much of your personal information is stored either on your own computer or on someone else's system?
The Center for Strategic and International Studies (CSIS) Commission on CyberSecurity fort the 44th Presidency suggests the term “cyber security services” to mean the development, implementation, operation and administration of measures and/or activities intended to prevent, detect, recover from and/or respond to intentional or inadvertent compromises of the confidentiality, integrity and availability of information technology including but not limited to intrusion detection, computer forensics, configuration management, and system development.
CyberSecurity involves protecting that information by preventing, detecting, and responding to attacks. In the most general terms, it involves protecting data and communications, but fields which may not necessarily fit everyone’s definition of cybersecurity may be involved. These include accounting, forensic science, law enforcement, bioengineering, intelligence, communications, management science, systems engineering, criminology, security engineering, computer science, and robotics.