Cybersecurity

What's wrong with cybersecurity training?

Navy person using keyboard

This unidentified woman is part of the Navy's cyber force, but agencies are having a hard time finding enough people with real-world cybersecurity skills. Is our approach to training part of the problem? (Source: Navy Cyber Forces.)

Are we training our cybersecurity professionals in all the wrong ways?

Agencies have been ramping up efforts in training, education, recruiting and hiring, and still the government faces a shortage of skilled cyber professionals. According to some, the problem is rooted in a wrongheaded approach – and as a result, the United States is losing its competition.

Increasingly, government officials and private sector executives are training their focus on younger students in science, technology, engineering and math. However, there also needs to be more emphasis on the real-word, technical aspects of cybersecurity and cyber defense, rather than the academic and soft-skill side of things that too often get policy attention, insiders say.

"Other nations are building world-class talent," Alan Paller, founder of the SANS Institute, said at a June 25 Institute for Defense and Government Advancement event in Arlington, Va. "The U.S. is saying, 'We should have centers of academic excellence,' but they put out people who don't know what they're doing. We're nice to people in the field; we've got to stop that if we actually want protection for our systems."

However, some such efforts may already be underway. Douglas Maughan, cybersecurity division director at the Homeland Security Advanced Research Projects Agency, outlined measures the Homeland Security Department is taking to build up the next generation of cyber warriors, starting with high school and college.

One of the prime examples is the National Collegiate Cyber Defense Competition, a system of intensive, annual cyber battles held among dozens of universities across the United States. They eventually lead to a national finals round – a "March Madness for nerds," as Maughan described it.

"We put them in an environment where they have to defend against a real red team. It's about real defense in an operational environment," he said, adding that new DHS tools, such as new access management technologies, are constantly being added to the competition, forcing participants to learn them as they go along. "We're looking for the next generation of cyber defenders; that's what it's about. It's all about the next generation."

At the Defense Department, cyber training within the services are continuously undergoing scrutiny and changing as priorities, technologies and the cyber environment evolve.

According to a June 25 Army Times report, the Army is working on plans to consolidate its Cyber Center of Excellence at Ft. Gordon, Ga., with its Signals Center of Excellence in under a new school that would bring together training and modernization efforts. The transition is set to begin this August and last through 2015.

Will such efforts be enough? According to Paller, only if the right people are doing the teaching – the ones who have the technical skills that are critical to national cyber defense, and not those who merely have the policy and book training and "CSI-whatever" credentials after their names, he said.

"We've got these people pretending to teach cybersecurity, but they're putting out policy people or researchers...that's causing us a problem," Paller said. "If you're a fighter pilot, you don’t want your squadron leader to be someone who learned it out of the book yesterday."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.