3. Breach-to-Response Acceleration

Cyber Battlerooms to learn to recognize adversary action

The old adage "it takes 10,000 hours of practice to become an expert" is very true in cyber defense. We can't teach people to prevent zero day exploits but we can provide an inexpensive way to show what happens when an exploit is used. Technology today is finally available to provide ubiquitous Cyber Battlerooms, like Netflix, where you log into the cloud and "play" on a Virtual Clone Network of a government agency,... more »

Voting

1 vote
Public Input

6. Solving the Talent Search

Change the paradigm-Invest in Cybersecurity Workforce Dev

Reports and articles keep surfacing on the issue of lacking cybersecurity talent in the federal government. Since 2010, little improvement has been seen regarding increased knowledge, skills, and abilities among the federal cybersecurity workforce. (Williams, 2015b).This can be attributed large to leadership failures across the agencies. Cybersecurity experts in the trenches, industrial organizational psychologists, and... more »

Voting

3 votes
Public Input

2. Business Initiated Vulnerabilities

Create Gov Wide "Security Maven" Program for Gov IT Developers

Walmart achieved a 92% reduction in security defects by creating a "Security Maven" role to drive security best practices into their software development teams that greatly outnumbered their security teams. IT security in government is typically organized as a silo focused on protecting production systems. A government-wide security maven program would help tear down the existing" expertise" and "contractual" barriers... more »

Voting

4 votes
Public Input

6. Solving the Talent Search

Supported ITAPS recommendations

(Regular print are supported ITAPS recommendations in response to questions, flagged are expanded recommendations to more explicitly address questions, not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force) How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge both within government CISO/CIO and partner organizations... more »

Voting

2 votes
Public Input

6. Solving the Talent Search

Leverage and Inclusion of All Career Fields

Given that such a small percentage of the US population is in technical fields, the majority of population is not even in the target group. It is important to consider more than just technical people or those who self opt in to the cyber field. Cyber is relevant to all jobs. However, the education and training aspect of cyber is not made relevant to other than cyber focused career fields. Those who work in a range of... more »

Voting

3 votes
Public Input

6. Solving the Talent Search

Understanding cybersecurity talent requirements

The first step in tackling the cybersecurity talent search is in develop a better understanding of the competencies required for effective, and proactive, cyberdefense and intrusion response. With the rapid change in technologies and tactics for exploitation and intrusion, defining the required talent is a tall order. As such, new approaches for rapid creation, expansion or tailoring of job series will be needed so... more »

Voting

3 votes
Public Input