DHS offers baseline for U.S. IT security skills

The Homeland Security Department recently published a draft of a framework of knowledge and skills it believes the United States needs to prevent cyberattacks.

Development of the “IT Security Essential Body of Knowledge” (EBK) began in 2003, when the DHS National Cyber Security Division (NCSD) began working with the Defense Department, academia and private industry to examine workforce IT certifications and what would be needed to advance security skills.

Starting with the DOD’s “Information Assurance Skill Standards” document, which had goals considered close to those for the national workforce, the NCSD development team isolated what it considered the core IT security competencies.

It then compared those with other domain-based IT security models to come up with a list of 14 key competencies to cover all public and private security roles and functions.

The EBK contains the key terms and concepts from all of those competencies that NCSD officials feel individuals in at least some IT security roles should know.

The EBK is not an additional set of guidelines that DHS believes organizations should follow, said Greg Garcia, DHS’ assistant secretary for cybersecurity and communications, in comments included with the recent Federal Register announcement of the EBK draft. It is also not intended to represent a directive from DHS, he said.

The intent is for the document “to help advance the IT security training and certification landscape as we strive to ensure that we have the most qualified and appropriately trained IT security workforce possible,” he said.

The public can comment on EBK through the Federal Register notice. Those comments will build on initial reviews by working groups and role-based focus groups prior to the document’s final publication.

The deadline for those comments is Dec. 7.

About the Author

Brian Robinson is a freelance writer based in Portland, Ore.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.