Cyber Strategy initiatives.
In 2010, when United States Cyber Command (CYBERCOM) was established to unify the military's computer network defense and cyberspace operations, it became imperative for the services to integrate several distinct communities into a single warfighting "team." As a result, cross training the workforce was implemented, personnel career paths were revised in concert with and supported by new technical training, and recruitment and retention of personnel with specific technical skills became essential.
With cyber workforce management recognized as a top priority, the "Department of Defense Strategy for Operating in Cyberspace," issued in July 2011, includes five strategies, of which two are workforce related:
* Strategic Initiative 1: Treat cyberspace as an operational domain to organize, train and equip so that DoD can take full advantage of cyberspace's potential; and
* Strategic Initiative 5: Leverage the nation's ingenuity through an exceptional cyber workforce and rapid technological innovation. This cultural shift that recognizes cyberspace as a warfighting domain and the cyber workforce as a key element is already driving change within the community.
In addition to the establishment of the Navy's U.S. Fleet Cyber Command/U.S. 10th Fleet and Marine Forces Cyber Command, and the publication of the DoD's Cyber Strategy, two other initiatives are converging to affect changes in cyber/IT professional workforce development. First, the federal government, collaborating across federal agencies, is working to provide a better picture of the work carried out by the federal cybersecurity workforce, defined by the Department of the Navy as the cyber workforce. This includes information technology, intelligence and law enforcement (Naval Criminal Investigative Service) portions of the workforce.
Second, under current fiscal realities, the DON Chief Information Officer, with a Secretary of the Navy mandate, is reviewing and instituting IT efficiencies to reduce the overall costs of operation and increase effectiveness. This effort includes cyber/ IT workforce management.
National Initiative for Cybersecurity Education
For the first initiative, Chris Kelsall, director of the cyber/IT workforce for the DON CIO, is collaborating with the National Initiative for Cybersecurity Education (NICE), the National Institute of Standards and Technology (NIST), the DoD CIO and CYBERCOM, as well as other federal agencies, to develop a standard set of cybersecurity workforce functional roles. This standardized set of federal specialty areas will be mapped to the joint capability areas and the mission essential task list. New DON policy to address cyber/IT continuous learning and training requirements is under development and will evolve as a comprehensive picture of cyber/cybersecurity/IT work emerges.
DON Cybersecurity/IA Workforce Efficiencies
For the second initiative, the cybersecurity/IA workforce efficiencies working integrated product team (WIPT) reviewed areas that may result in cost savings. Among other cybersecurity/ IA workforce efficiencies, the WIPT recommended that the workforce management discipline, instituted for the IA Workforce Improvement Program (IA WIP) under DoD Directive 8570.01, "Information Assurance Training, Certification, and Workforce Management," be expanded to cover the entire cyber/IT workforce. The Department of Defense IA WIP is a noteworthy qualification program that contributes greatly to the knowledge level of the cybersecurity/IA workforce. As the DoD directive is rewritten to include the entire cyber workforce, the DON cyber/IT career development program will provide further guidance on continuous learning, certificate programs, certifications and career progression. At the same time, leveraging IA WIP electronic management and training solutions will reduce workforce management costs.
Snapshot of the Cyber/Cybersecurity/IT Workforce
The NICE initiative organizes the cyber workforce into seven broad categories, each including multiple functional specialty areas. The DON has not formally accepted these groupings. Therefore, readers must keep in mind that this list continues to evolve, but aligns well with the NICE project, as well as the defense planning and program guidance. Figure 1 is a snapshot of the roles performed in the cyber workforce with functional specialty areas defined on the next two pages.
While functional specialty areas of all seven categories are complete, for the purposes of this article, only the specialties of the largest portion of the cyber/IT workforce who securely provision, operate and maintain, and protect and defend, are listed on the next pages and are further defined.
Figure 1. Cyber Workforce Snapshot Category Functional Descriptions Securely Provision Roles concerned with conceptualizing, designing and building secure IT systems; roles responsible for some aspect of systems development. Operate and Maintain Roles responsible for providing the support, administration and maintenance necessary to ensure effective and efficient IT system performance and security. Protect and Defend Roles responsible for the identification, analysis and mitigation of threats to internal IT systems or networks. Investigate Roles responsible for the investigation of cyber events/crimes of IT systems, networks and digital evidence. Operate and Collect Roles responsible for the highly specialized and largely classified collection of cybersecurity information that may be used to develop intelligence. Analyze Roles responsible for highly specialized and largely classified review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence. Support Roles providing support so that others may effectively conduct their cybersecurity work.
|Printer friendly Cite/link Email Feedback|
|Author:||Purdy, Mary; Psimas, Rob|
|Date:||Oct 1, 2011|
|Previous Article:||Q&A with Cmdr. Blake McBride Arctic affairs officer task force climate change.|
|Next Article:||Functional Specialty Areas.|