The Obama administration on Friday released the first-ever roadmap for building a U.S. cybersecurity workforce and testing the government's success at raising public awareness of computer threats.
Currently, there is no definition of what it means to be a cybersecurity professional. The draft strategic plan sets forth a way to measure the results of federal and private sector workforce development efforts.
The National Initiative for Cybersecurity Education, or NICE, a branch of the Commerce Department, developed the proposal this spring to bring some order to the new frontier of cybersecurity training, agency officials said at the time.
"This plan will provide a path to a more secure digital nation," states the document, which also attempts to gauge the influence of cyber publicity campaigns.
The plan includes specific instructions for the federal government on how to "maintain an unrivaled, globally competitive cybersecurity workforce." For example, by 2012, agencies must adopt cybersecurity competency models. By 2015, the government will produce an estimate of the health of the national cybersecurity workforce. By then, federal contractors also will be required to comply with standard cyber workforce descriptions to win government business. And, the government expects to see a 20 percent increase in qualified cybersecurity professionals nationwide.
Developing qualifications for cyber pros is another part of the 28-page strategy. By 2013, officials will have created a baseline for the skills required of all cybersecurity professionals. By that year, leaders also should be able to assess the strength of federal, state and local cybersecurity staffing against defined competencies.
Much of the framework, which is open for comment until Sept. 12, concentrates on collaborative projects with the private sector and academia.
Federal officials want the strategy to be standard reading for a broad audience: the average person who surfs the Web, students, teachers, information technology managers, human resources staff and entrepreneurs.
It calls for working with universities and companies to identify new workforce requirements that most assuredly will be demanded by ever-evolving threats and advances in technology.
During the past several years, the federal government has supported numerous promotions and youth competitions to publicize the national security dangers of cyber espionage and the financial damage wrought by cybercrime. Critics have called some of the government's public awareness initiatives nonproductive.
The strategy defines goals for the various movements, such as the Stop. Think. Connect. messaging tactic that is supposed to spread the word on how to safeguard information online. Under the policy, such activities are expected to reduce fraud victimization, as well as drive people to equate the precepts of cyber safety to the wisdom of wearing seat belts.
"The public is insufficiently aware of the risk of sharing information in cyberspace -- which can affect personal and national security," the roadmap states.
Government resources available to citizens and federal employees will include a public Web site where they can look up information on cybersecurity awareness and education. NICE also will launch an internal federal repository for sharing and storing reference materials.
The report's instructions for raising the bar on cyber education are mostly geared toward local governments and academia. Among the requisite outcomes: By 2018, a quarter of states will have adopted national cybersecurity education standards for grade school students, and there will be a 25 percent increase in the number of federally designated universities offering specialty programs in critical network protections, digital forensics and other cyber fields.
"All this activity aims at leveraging work begun by the U.S. government working together with teachers, parents, students, and businesses to improve science, technology, engineering and math (STEM) education to better prepare students to lead in the 21st century economy," the strategy states.