Cyber Defenders In Training

DHS says people are a priority. UMUC is offering three degrees for cybersecurity professionals. Looks like a match made in cyberspace.

Each page of www.dhs.gov  clearly puts a human face on our nation’s diverse homeland security mission. And it reminds all of us that security of any kind is really a people endeavor.

At the National Cyber Security Division (NCSD) the work force tripled in 2009 and practically doubled again in 2010 according to Greg Schaffer, Assistant Secretary for CyberSecurity & Com­munications at DHS.

It’s not just the NCSD that’s growing, it’s cyber resources throughout DHS Schaffer told On The FrontLines in a recent interview.

Cyber capabilities are growing at Secret Service, the Science & Technology Directorate, CBP and ICE to name a few. “All are adding capabilities from a cyber workforce perspective to handle the specific piece of the pie that they have in their mission state­ment,” said Schaffer.

“That requires us to really focus on a career track; that there’s a way to advance as a cybersecurity professional. We’ve been working actively to show there’s real opportunity for people to start at a level and work their way up through the process.”

Schaffer also said the department is trying to make the hiring process easier. “Cybersecurity is usually an area where you’ve got to have security clearances and of course that is a process that takes some time; and we are trying to streamline that so people can come on board more quickly.”

What most people might not realize is that getting the right people includes finding some who you might not think of as pure cybersecurity professionals said Schaffer.

“It is computer engineers, computer scientists, computer analysts, people with a fairly broad set of cyber-related skill sets because we are of course building solutions from an engineering perspective and an architecture perspective,” Schaffer explained.

Trying to enhance training across the board, Schaffer said DHS is working with the State department and Carnegie Mellon Uni­versity on a federal virtual training environment called Feds VTE.

“That’s really an online program with over 800 hours of role based training and more than 75 hands on virtual labs,” noted Schaffer. “So people who may not have as much familiarity with some of the cyber space concepts and cybersecurity issues can really get some hands on training once they are on board.”

DHS is also working with the NSA on Information Assurance education programs and building out what we call the National Centers for Academic Excellence Schaffer explained.

“That program really is designed to make sure that higher education programs coming on line really teach information as­surance and create a core of professionals that can be hired into government and industry and really fill the gap that exists there.”

Further DHS has a scholarship for service program for cy­bersecurity and has developed an IT Security Essential Body of Knowledge (IT EBK) that outline core skill sets needed from graduates when they graduate.

“So there’s a broad range of programs designed to ensure that at the end of the day we’ve got the right people coming into the system with the right skill sets covering the broad range of capabilities that we are going to need for the future,” Schaffer summarized.

The University Pipeline

Alan Carswell is the chair of the new Cyber Security and In­formation Assurance department at the University of Maryland University College (UMUC) graduate school. UMUC, whose mis­sion has always been providing education for the workforce, is one of the largest public universities in the United States with some 90,000 students.

Since 2003, UMUC has been a “Center of Academic Excel­lence in Information Assurance” education—a program spon­sored jointly by DHS and DoD.

Carswell was enthusiastic as he told On The FrontLines about UMUC’s three new cybersecurity degree programs launched in during Fall 2010. The programs include a Bachelor of Science in Cyber Security and two masters’ degrees, a Master of Science in Cyber Security and Mas­ter of Science in Cyber Security Policy.

“I’m speaking mainly for the Masters’ programs but the re­sponse has been outstanding,” declared Carswell. “In fact, we have 550 students that are enrolled in the program and we’ve only been in operation for about 6 or 7 weeks in terms of actually teaching students, although we’ve been working furiously since the early part of this year in developing the curriculum and the courses.”

Carswell noted that there is real-world reason for having two Master’s programs. The Master of Science in Cyber Security is generally technology oriented where students learn how to pro­tect an organization’s security assets. The Master of Science in Cyber Security Policy is for professionals involved in the policy making aspect of cybersecurity.

“In our work we detected that there was a need for profes­sionals who would also be involved in the policy making aspect of cybersecurity,” said Carswell. “That would include things like set­ting government policy, legislation, regulation, fostering public/private partnerships and standards setting.”

The policy grads would most likely be moving into the govern­ment at the federal, state and local levels said Carswell. “These are knowledgeable people who know about cybersecurity and also its policy implications. So those are the degree programs we’ve set up.”

Cyber degrees with the Masters’ programs are offered en­tirely on the web and are Internet based. “Most of our students are mid-career professionals, people who are working either in IT or information security, or they might even call it cybersecurity,” noted Carswell.

“They are working and they want to get additional education. Also we do have students who don’t have much experience. They have to work a little bit harder, but they do it. It’s both a rewarding and demanding curriculum for them.”

If you, or someone you know is interested, visit www.umuc.edu. Tell them Carswell sent you.