Cybersecurity Workforce Development for the Nation Dr. Margaret Leary, CISSP, CE|H, CRISC & Dr. Deanne Cranford-Wesley, CCNA, CCNP, Security+,
History of Center of Academic Excellence Over 200 top colleges and universities across 44 states, the District of Columbia, and the Commonwealth of Puerto Rico are designated CAEs for cyber-related degree programs. CAE graduates help protect national security information systems, commercial networks, and critical information infrastructure in the private and public sectors. This program is a response to the increasingly complex and challenging cyber-attacks facing our nation. Our nation needs more cybersecurity professionals to protect networks in both government and industry. Nearly one in five Americans has been the victim of a cybercrime and the economic impact of these attacks is devastating. Cyberattacks cost the average U.S. company more than $15.4 million per year.
History of Center of Academic Excellence History As a greater priority is placed on strengthening cybersecurity and safeguarding citizens, our nation is increasingly looking to higher education to produce skilled and capable cybersecurity professionals able to defend our networks and infrastructure.
National Leadership Expectations Evolving in context of workforce development Support for expansion of CAE programs # Schools # Students Return on Investment (metrics) Interdisciplinary nature of cybersecurity Collaboration & Cooperation The goal of the program is to reduce vulnerability in our national information infrastructure by promoting higher education and research in cyber defense and producing professionals with cyber defense expertise for the Nation.
Benefit of CAE National program recognition Increased enrollments Ability to apply for NFS grants College recognition Use of NSA “Logo’s Scholarship opportunities
National Leadership Expectations CAE-CD schools are expected to maintain the quality of the designated educational path according to the standards established for designation. The designated path is expected to have the same (or better) curriculum rigor, faculty qualifications, and programmatic characteristics at re-designation as were demonstrated at the original designation. Designated schools are expected to actively participate in the CAE Community, and support the CAE-CD program.
CAE Designation Requirements Curriculum Mapped to Knowledge Units Student Path and Recognition Faculty Qualifications Program Maturity Interdisciplinary Focus Areas Programmatic Criteria Cyber Center Robust Program Regional Accreditation Articulation Agreements Faculty in Cyber Defense Research Students in Cyber Defense Research Outreach (other Colleges or High School)
Educational Expectation Minimum participation includes: Submission of an Annual Report with all required information Attendance at both the Principals meeting and Community meeting event each year; may attend one in person (depending on availability of travel funding) and one virtually Regular communication with the program office, the CAE Community, and the CRRC (responds to email, offers input on program decisions when requested, offers suggestions for workshops and programs, maintain and keep up to date Institution related information within the CAE Application Tool, etc)
Educational Expectation Active support to the CRRC/CNRC mission (faculty member is a mentor, advisor, reviewer, etc. to/for designating schools and working with the appropriate CRRC/CNRC) Faculty support to CRRC/CNRC (actively supports activities for the region, hosts workshops, faculty development, develops/refines lab exercises, curriculum committee, etc.) CAE Tech Talk / CAE Forum– presents tech talks to the community on technical areas of interest or presents CAE related talks on areas of interest to the community Involved in active research, collaboration, course development, etc. with other CAE schools
Three Step Process Offline Phase: Gathering and recording supporting program and course data (Program Criteria) Identifying KUs that are to be mapped Online Phase: Enter in Program Criteria located at www.iad.gov/NIETP (must have login) Enter all courses (topics and objectives) into database
Program Criteria
CAE Program Criteria
CAE Program Criteria
Letter of Intent Institution must include an official letter stating the institution’s intent to apply for CAE IA/CD designation Must be on official institution letterhead, signed by a collegiate official at an appropriate level (Dean or higher) To be uploaded to web application (hard copy should not be mailed) Designated faculty member as the Lead
Program Outreach and Collaboration Shared curriculum and faculty Articulation agreements with high schools and 4 year institutions Sponsorship/participation in cyber competitions Community outreach Providing cybersecurity practitioners to students
Center for CD Education Designated space (lab, office, other) for student gatherings and sharing of news/developments in cybersecurity – Does not have to be a physical space! “Center” can be a website. This should be operational, dynamic and current: contains up-to-date links to key IA/CD resources such as other academic institutions, government sites, conferences, workshops, IA/CD news, center POCs, IA/CD courses, etc
Cyber Defense Program, Student Development and Recognition Program of study – mature program, aligned to KUs that leads to a two year associate’s degree or a certificate in a CD discipline Provide student enrollments Will receive a certificate Demonstrate that physical and/or virtual cybersecurity labs and equipment are available and used for hands-on learning Evidence that the program is providing students with access to cybersecurity practitioners (e.g., Guest lecturers working in Cybersecurity industry, government, faculty exchange program with industry and/or government, internships, etc.)
CD Faculty Identify POC – provide CVs/resume Identify all full-time and adjunct faculty teaching in the program Describe credentials and experience of the CD faculty Describe internal and external professional development opportunities for these faculty
Practice of CD Encourage Throughout the Institution Cyber taught in other courses Professional development courses (Cyber) – Workforce Development Review and describe the institutional policies (security plans, training, Security Officer)
Contact Information Dr. Deanne Cranford-Wesley dwesley@forsythtech.edu https://www.forsythtech.edu/about-us/davis-itec-cyber-security-center/ Margaret Leary mleary@nvcc.edu