An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
Our feature article reflects upon the NICE Strategic Plan that has served us well for the past 4 ½ years by reminding you of its contents and highlighting a few accomplishments. As the latest chapter in our history together as a community draws to a close, we invite you to help us shape the next strategic plan that will guide our priorities for the coming 5 years.
This quarter you will also learn: how cybersecurity folds into all disciplines of STEM education to prepare students of all ages to become critical and creative thinkers, innovators, problem-solvers, collaborators, and strong communicators; how our economy demands a workforce with cybersecurity skills for digital manufacturing and what the forthcoming Cybersecurity for Manufacturing Hiring Guide will contain; and how workforce development recommendations in the Cyberspace Solarium Commission’s report advocate a new strategic approach to cybersecurity, known as layered cyber deterrence.
Finally, I want to update you on work underway to draft the next revision of the NICE Framework which seeks to connect more closely to existing NIST cybersecurity and privacy publications. We are hosting discussions with stakeholders to learn how the NICE Framework has supported them and how it could be improved, and we are examining input received during the open comment period launched at last year’s NICE Conference and Expo. Stay informed of our progress by visiting the NICE Framework Resource Center.
Bill Newhouse
Deputy Director, National Initiative for Cybersecurity Education (NICE)
Featured Article
CLOSING ANOTHER CHAPTER IN THE LIFE OF NICE STRATEGIC PLANS
By Rodney Petersen, Director of National Initiative for Cybersecurity Education (NICE)
Our feature article reflects upon the NICE Strategic Plan that has served us well for the past 4 ½ years by reminding you of its contents and highlighting a few accomplishments. As the latest chapter in our history together as a community draws to a close, we invite you to help us shape the next strategic plan that will guide our priorities for the coming 5 years.
Let’s start by reviewing the NICE Mission: to energize and promote a robust network and an ecosystem of cybersecurity education, training, and workforce development. The scope of our collective work is more than “cybersecurity education” as implied by the organizational title for NICE (National Initiative for Cybersecurity Education). The additional emphasis on “training” (both for employees as well as adult workers who transition to cybersecurity work) recognizes the importance of skills development for practitioners and for continuous learning. The significance of supporting the needs of employers and promoting workforce development, also reflected in the third goal (see below), recognizes that our ultimate aim is to support a “digital economy enabled by a knowledgeable and skilled cybersecurity workforce.” (See the NICE Vision in the NICE Strategic Plan.)
The NICE Values emphasize the communal nature of our work, including the need to Foster Communication, Facilitate Collaboration, and Share Resources. NICE wants to be known for getting things done, which is why the values of Pursue Action, Challenge Assumptions, Drive Change, and Stimulate Innovation are important to our shared interests. We also want to make a difference, which is why we Seek Evidence and Measure Results in all of our endeavors. Perhaps no value is more heartfelt from across the community than the need to Model Inclusion that encourages participation from stakeholders with diverse backgrounds and viewpoints.
The Goals and Objectives in the NICE Strategic Plan are intended to address different imperatives and target specific audiences:
Accelerate Learning and Skills Development is a call to action to emphasize the urgency of addressing the growing demand for cybersecurity workers by moving students, career changers, and employees more quickly through a learning pathway that would qualify them to perform cybersecurity work. Examples include dual enrollment programs at the high school level where students are concurrently enrolled in community college degree programs; bootcamp training programs where intensive training could prepare someone to transition into a cybersecurity role; and reducing the time to complete a college degree program from four years to three years or less. The need for multiple learning pathways that can more rapidly reskill or upskill individuals is likely to continue to be a priority.
Nurture a Diverse Learning Community recognizes the ecosystem for learning that includes K12 schools, community colleges, colleges and universities, and training providers, which provide an array of learning pathways that are not always coordinated or connected. Consequently, increasing partnerships in local communities and enabling career pathways from one learning experience to the next is important for the continuity of learning and skills development. Additionally, this goal recognizes the need to increase the representation of underrepresented groups in the cybersecurity workforce, including women, people of color, veterans, and people with disabilities; consequently, NICE Webinars, conference program tracks, workshops, grants, and other outreach by the community are intended to expand awareness and participation among underrepresented groups to increase inclusivity.
Guide Career Development and Workforce Planning recognizes the important role that employers in both the public and private sectors play in shaping the present and future cybersecurity workforce. The NICE Cybersecurity Workforce Framework, published as NIST Special Publication 800-181 in 2017, has become a key resource for employers, and we continue to raise awareness and advocate for its use. Additionally, a NIST grant to develop CyberSeek helps to address the objective to “project present and future demand and supply of qualified cybersecurity workers” and draws attention to the NICE Framework. The NIST grants to create pilot programs for Regional Alliances and Multistakeholder Partnerships Stimulating (RAMPS) Cybersecurity Education and Workforce Development help to “facilitate state and regional consortia to identify cybersecurity career pathways addressing local workforce needs.”
As we turn the final pages on the 2016-2020 strategic plan, we invite you to engage with NICE in the coming weeks as we develop our agenda for the next five years. Please send your comments and suggestions to nist-nice [at] nist.gov (nist-nice[at]nist[dot]gov).
NICE Framework in Focus
A profile of a cybersecurity practitioner to illustrate application of the NICE Cybersecurity Workforce Framework categories, specialty areas, and work roles.
NICE Framework Categories: Oversee and Govern/Analyze: Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work. Performs highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
NICE Framework Specialty Areas:
Training, Education, and Awareness (TEA): Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.
Threat Analysis: Identifies and assesses the capabilities and activities of cybersecurity criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
Credit:
Chris Knox
Name: Chris Knox
Title: Manager, Security Awareness & Analysis
Organization: CPS Energy, a Municipally owned electric & gas company for San Antonio metropolitan area
Q: Chris, explain your role and responsibilities as Manager of the Security Awareness Program at CPS Energy.
A: CPS Energy is the municipally owned electric and gas company for San Antonio, Texas. My role in particular is responsible for developing and delivering security awareness education and training for our workforce. We also provide threat intelligence support, which includes vulnerability awareness, vulnerability assessments, and executive travel assessments.
Q: How could you envision using the NICE Cybersecurity Workforce Framework, maybe in establishing that program but also, more specifically, to guide your career and the other staff careers that you supervise in your organization?
A: My director and my team have used the NICE Framework to try to align and map our current workforce structure so that we can look across the organization and see where there might be some potential manning gaps. How can we use the NICE Framework to maybe even support some of our future hiring decisions based on these gaps? Also, how do we define more specific role-based training opportunities? Because of what we’re doing in the training and development space, we are also trying to create role-based training, and the NICE Framework provides a great foundation for how we develop training opportunities.
To listen to the full audio interview with Chris Knox, Manager, Security Awareness & Analysis, CPS Energy, click on the audio below.
CYBERSECURITY AS A DISCIPLINE CONNECTOR
By Davina Pruitt-Mentle, Lead for Academic Engagement, National Initiative for Cybersecurity Education (NICE)
A variety of national strategy and policy documents highlight the importance of cybersecurity education in developing a knowledgeable and skilled cybersecurity workforce. However, there are differing interpretations of cybersecurity education that have implications for how, when, and with whom it would be taught and the kinds of learning experiences that students should have. This lack of clarity limits buy-in across stakeholders. But this lack of clarity is an opportunity for the NICE community to be strategic and lead the nation by coming to a consensus about how best to articulate the role of cybersecurity in the U.S. educational system. It is time for a more robust conversation at the national level about how best to incorporate cybersecurity into existing and future learning opportunities.
Educational Pendulum Swing to STEM not S.T.E.M.
Throughout history, economic and political forces influence reforms, and the pendulum swings between focus areas. The Association for Supervision and Curriculum Development (ASCD) maintains that historically, in the United States, the purpose of education has evolved according to the needs of society. The central focus has always been to help citizens develop the skills, the knowledge, and the dispositions that will allow them to be responsible, contributing members of their democratically informed community while also contributing to its economic growth and prosperity.
Throughout U.S. history, several national educational reform movements have taken place. The back-to-fundamentals approach after World War II lasted until the 1950’s when Sputnik caused the nation to focus on science, math, engineering, and technical education efforts.
Between the 1970’s and 1980’s the U.S. underwent an educational movement toward equality-based and individualized learning. The technology explosion in the 1990’s to early 2000’s demanded that educators shift their focus back to instruction around the disciplines of science, mathematics, engineering, and technology (SMET). In 2001, American biologist Judith Ramaley, then assistant director of education and human resources at the National Science Foundation (NSF), rearranged the words to form the STEM acronym, with the intent to create a new approach to instruction.
The acronym was meant to unite the four fields and highlight how these related disciplines could be taught and content learned in an interdisciplinary way. STEM, as Ramaley stated “has science and math serving as bookends for technology and engineering. Science and math are critical to a basic understanding of the universe, while engineering and technology are means for people to interact with the universe.”
Ramaley’s STEM acronym was a way of weaving elements of human action across disciplines into all aspects of education. This multidisciplinary approach was seen as being vital for all students to be successful participants in society. This approach would prepare students to solve interdisciplinary problems that they would encounter in the global society regardless of their major or chosen career path. STEM education would prepare students of all ages to become critical and creative thinkers, innovators, problem-solvers, collaborators, and strong communicators. Interconnecting the STEM disciplines through a holistic lens focused on building critical thinking and analysis skills by addressing how students viewed and experienced the world around them. Put simply, the STEM educational approach, often referred to as STEM literacy, would prepare citizens to tackle the challenges of a fiercely competitive and constantly changing global economy.
Although the attention on STEM education has brought with it benefits, the educational system is in danger of losing the innovative, collaborative approach. Over time, the interdisciplinary nature of STEM has faded. Instead, Science, Technology, Engineering, and Mathematics are presented as individual, often siloed disciplines (S.T.E.M.). Computer science has joined these four fields as a precursor to maintaining our world economic status continuing to split our focus.
Cybersecurity as a Connector
STEM literacy is a foundational skill that matters for all careers, not just STEM-related fields or jobs. This multi-skilled, STEM educated individual is a representation of a student who understands how academic subjects are meant to be a genuine symphony and not a collection of discordant solos.
Cybersecurity folds into all disciplines. Cybersecurity is cross-cutting and multidisciplinary in nature. All students, no matter what their future education and career path, must have an understanding of cybersecurity concepts and impacts in order to be prepared for citizenship, college, and careers. This is an excellent opportunity to highlight the synergies between multiple disciplines and return to the elegance of Ramaley’s original STEM concept.
Today, there is tremendous potential to realize the key role that cybersecurity can play within current and future learning at all educational levels, serving as a connector between science, technology, engineering, mathematics, and computer science in addition to other existing and emerging disciplines.
Industry Spotlight
THE DIGITAL MANUFACTURING AND CYBERSECURITY WORKFORCE OF THE FUTURE
By Michael Garamoni, Manager of Workforce Development Programs, MxD Learn
A report by Dell Technologies and The Institute of the Future asserts that 85 percent of the jobs that will exist in 2030 haven’t been invented yet. A similar report from the World Economic Forum states that 65 percent of children entering primary school today will end up working in job types that don’t yet exist. While these statistics may be hard to believe, manufacturers have no doubts. Manufacturing is experiencing an exciting shift, what economists call the 4th Industrial Revolution, thanks to developments in digital manufacturing and cybersecurity. But these significant changes are also making it difficult for workers and employers. Workers suddenly need new skills; employers suddenly need to retrain existing workers or hire new ones with more advanced skills.
In 2016, MxD (Manufacturing times Digital) completed a project that identified 165 roles that will make up the manufacturing workforce of the future. This hiring guide identified roles, positions, position descriptions, and career pathways for digital manufacturing. It even touched on cybersecurity and the unique demands it places on manufacturers. Now, MxD is preparing to roll out the Cybersecurity for Manufacturing Hiring Guide, in partnership with ManpowerGroup, a world leader in innovative workforce solutions. This guide will provide manufacturers with details for the 247 most critical roles for cybersecurity in manufacturing.
MxD’s Future Factory assembly line demonstrates the possibilities of cybersecure digital integration.
Credit:
MxD
By creating a structure to define and classify the manufacturing industry’s cybersecurity work, the Hiring Guide enables the advancement of workforce development goals across the manufacturing ecosystem: industry, individuals, academia, government, and workforce development and community development initiatives. “The speed and trajectory of cybersecurity’s challenges and solutions to this point tell us cybersecurity is an evolving but very opportunistic and valuable field that is here to stay,” said lead author Lory Antonucci, Director of Workforce Innovations and solutions at ManpowerGroup. “Our intent is that the taxonomy efforts overall will help clarify the roles and better inform decision-makers.”
The project leverages the NICE Cybersecurity Workforce Framework and utilizes the NIST Cybersecurity Framework. It integrates insights from subject matter experts representing more than 20 industry, academic, and government entities. The Hiring Guide is complemented by tools such as career progression charts, cybersecurity workforce data analysis, and success profiles of key roles. “This effort is a springboard for solving the cybersecurity workforce needs in manufacturing,” said MxD CEO Chandra Brown. “As factories and supply chains become increasingly digital and interconnected, these jobs are critical to protecting people, assets, and infrastructure. It's part of our national defense.”
In 2019, MxD was named the National Center for Cybersecurity in Manufacturing by the U.S. Department of Defense. MxD’s portfolio includes more than 60 successfully completed collaborative projects in digital manufacturing and design innovation, as well as cybersecurity and workforce development. MxD houses the Future Factory in its Chicago innovation center, offering different physical and cyber testbeds and a neutral setting to showcase digital manufacturing solutions, where industry competitors can meet and work together with government and academic partners to solve problems and confront challenges.
MxD Learn is MxD’s workforce development division. Beyond managing the cybersecurity and digital manufacturing jobs taxonomy projects, MxD Learn is devoted to initiatives that educate, train, and retain a skilled manufacturing workforce. In 2019, MxD Learn received a $1.25 million grant from the Siemens Foundation to support deployment of an advanced manufacturing high school curriculum and community college apprenticeship program in under-resourced communities. The grant also emphasizes cybersecurity career pathways in manufacturing, and some grant funds will be used for further enhancements to specified Cybersecurity for Manufacturing Hiring Guide components.
The public release of the Hiring Guide is scheduled for Spring 2020, and the full report from the 2016 digital manufacturing hiring guide is currently available. To receive a copy of this report or ask any questions about current or past workforce development projects at MxD, please email Michael Garamoni, Manager of Workforce Development Programs at michael.garamoni [at] mxdusa.org (michael[dot]garamoni[at]mxdusa[dot]org)
To learn more about MxD, to receive information on news, general projects, or workshops, or to become a member of the Institute, please visit www.mxdusa.org or email info [at] mxdusa.org (info[at]mxdusa[dot]org).
Government Spotlight
THE CYBERSPACE SOLARIUM COMMISSION ON BUILDING TALENT FOR THE FEDERAL GOVERNMENT CYBERSECURITY WORKFORCE
By Laura Bate, Director, Cyber Engagement, U.S. Cyberspace Solarium Commission
Credit:
U.S. Cyberspace Solarium Commission
The U.S. Cyberspace Solarium Commission (CSC) is a bipartisan, intergovernmental body created by the 2019 National Defense Authorization Act (NDAA) to develop a strategic approach to defend the United States in cyberspace against cyberattacks of significant consequence. In carrying out this mandate, the Commission necessarily considered cybersecurity workforce development because, in order to successfully implement any cyberspace strategy, the United States must have a strong, skilled cybersecurity workforce.
The CSC’s year-long analysis concluded that deterrence, as currently implemented, is not working in cyberspace because perpetrators have seen that their activity damages the United States without triggering a meaningful response. However, the Commission also found that deterrence can still work in cyberspace if the United States adjusts its strategic approach to: improve its investments in defensive systems; build a more effective public-private collaboration; and confront adversary activity “forward” in the “gray zone” with all elements of national power. This will require the United States to apply a more coordinated, whole-of-nation approach to shaping behavior in cyberspace, denying adversaries the benefits of attacking critical infrastructure, and imposing costs on bad actors. By doing so, the United States can create a digital environment that is safe and stable, promotes continued innovation and economic growth, protects personal privacy, and ensures national security.
The Commission’s work culminated in a public report detailing a comprehensive strategic approach with specific policy and legislative recommendations for implementation. These recommendations span a wide range of topics, addressing U.S. government structure and reform, norms and non-military tools of state power, national resilience, the cyber ecosystem, collaboration with the private sector, and preserving and employing military power. To be successful in any of these areas, however, the United States must build and develop the cybersecurity workforce.
Because of the scope outlined for the CSC in the 2019 NDAA, the Commission focused on the federal government’s cybersecurity workforce. But the Commission also recognizes that the federal government cannot merely cut itself a bigger slice of the cybersecurity workforce “pie.” Rather, the government must support growing the whole pie of talent needed throughout the nation. Given this focus, the CSC’s recommendations on cyber workforce development center around six key goals:
Identify and strengthen new pathways into the cybersecurity workforce: Much of current cybersecurity recruitment leans on four-year or graduate degree programs in computer science or related fields. However, there are not enough people coming out of these programs to fill our nation’s empty cybersecurity jobs. The federal government must expand beyond the standard pathways into careers in cybersecurity in order to adequately secure our nation in cyberspace. That is to say, the future workforce needs more and different “on-ramps,” and employers need to retain those folks once they enter.
Expand effective programs: Developing new “on-ramps” should not come at the expense of existing programs. There are many effective programs in place, including those designed to draw from four-year and graduate degree programs. A particularly good example is the CyberCorps: Scholarship for Service program. Since 2001, this joint program between the Office of Personnel Management (OPM), National Science Foundation (NSF), and Department of Homeland Security (DHS) has supported and placed 3,600 CyberCorps graduates in federal cybersecurity jobs. While that is an impressive track record, the number of CyberCorps graduates each year could be much higher, and the Commission recommends expanding resourcing to allow significant growth. While it is critically important to consider new pathways into the cybersecurity workforce, the Commission’s recommendations also emphasize the value of supporting programs that already have a demonstrated track record of success.
Reinforce coordination among U.S. government efforts to advance cybersecurity workforce development nationwide: Virtually every part of government has a stake in building a strong cybersecurity workforce, so it makes sense that many different workforce development efforts have emerged across the U.S. government. However, getting the most out of all these efforts requires designating a leadership role in coordinating among them, which is why the Commission recommends that Congress “reinforce and authorize the role of the NICE in coordinating U.S. government efforts to advance cybersecurity workforce development nationwide.” To be clear, this does not mean that programs should be taken away from their existing homes, but rather that the routes for coordination should be formalized and, where necessary, authorized in legislation.
Bake diversity into every part of cybersecurity workforce development: The federal government--and the nation as a whole--cannot afford to be overlooking potentially talented individuals who may not have had access to the typical pathways into the cybersecurity workforce. For example, if federal recruitment efforts are only tapping into communities who had the exposure needed to cultivate an interest in information security, the federal workforce is missing huge pools of potential talent. Accordingly, explicitly highlighting the importance of connecting with underrepresented groups like women, people of color, and the neurodiverse is key to the Commission’s recommendations.
Create a market for research to identify what works: Policymakers need good data to evaluate the effectiveness of policy in this area just as they do in many other aspects of cybersecurity. In workforce development, policymakers need data to understand the dynamics of the cybersecurity workforce making the nation more secure. Tools like CyberSeek are an extremely valuable start, but there is much that the cybersecurity community still does not know about the state and demographics of the cybersecurity workforce. Certainly, not all of this research can or should be done within government offices themselves, but the federal government should be leading the way in creating a market for such research in order for all stakeholders to understand what educational and developmental systems are actually effective at creating successful cybersecurity workers. To address this, the Commission recommends funding research—in coordination with the relevant federal departments and agencies—into the current state of the workforce, its paths of entry, and demographics.
Provide a strong bedrock of education: The federal government can and should provide tools and resources to educators to help develop a basic appreciation for the importance of cybersecurity, awareness of cybersecurity career paths, and the STEM skills needed to be successful in those roles.
The Commission’s next steps focus on putting these recommendations on the path towards implementation. In many cases, this means taking big ideas and translating them into actionable steps and specific details. In that process, we particularly appreciate input from you and the entire NICE community, and we welcome your comments at info [at] solarium.gov (info[at]solarium[dot]gov).
Affiliated Program Updates
Various organizations within the U.S. government own and operate programs designed to enhance the cybersecurity education, training, and workforce development needs of the nation. The following are a few of those programs with updates on their activities:
NICE Cybersecurity Workforce Framework
The NICE Cybersecurity Workforce Framework is undergoing an update. A public request for comments on the update was open November 19, 2019 – January 13, 2020.
Thank you to those who submitted comments! Comments received are being reviewed and considered in forming a new draft of the NICE Framework. Once completed, the draft revision will be provided to the public for further review and comment.
2020 Community College Cyber Summit (3CS) Postponed
The annual Community College Cyber Summit (3CS) was scheduled to take place August 4-6, 2020, at Sinclair Community College in Dayton, Ohio. Because of the challenges and uncertainties created by the pandemic, the event will be rescheduled. However, a few components will be presented virtually. The opening plenary session will take place online on August 4, 2020, 6:00-8:00 PM EDT. The session will honor the 2020 Innovations in Cybersecurity Education winners, and program and funding updates will be announced. Afterwards there will be a virtual reception. For information about the evolving plans for 3CS, visit https://www.my3cs.org/.
Fast Track CAE Designation Workshop
The CAE National Resource Center (CNRC) at Whatcom Community College has released a Virtual Fast Track CAE Designation Workshop on NCyTE.net. This workshop is designed for all regionally accredited U.S. colleges and universities qualified for and interested in earning the CAE in Cyber Defense Education (CAE-CDE) designation. This workshop covers the updated submission timeline and the new two-part application process and requirements in half the time of a regular workshop. To access the Virtual Fast Track CAE Designation Workshop, visit https://www.ncyte.net/cae-virtual-workshop.
Cybersecurity Program Development Workshop Series
The NCyTE Center will host a three-part workshop on cybersecurity program development beginning on April 27, 2020, 11:00 AM-1:00 PM PDT. Corrinne Sande, Director/PI of the NCyTE Center, will present this workshop, which is designed to help faculty and administrators at colleges with limited cybersecurity programming add to or substantially enhance their programs. The workshop will be split into two 2-hour online sessions (on April 27 and May 11) and one in-person session at a later time. For more details, visit https://www.ncyte.net/program-development-workshops.
New Cybersecurity Curriculum for Advanced Placement Computer Science Principles (AP CSP) Courses
The NCyTE Center announces the availability of three new lessons intended for high school instructors interested in adding cybersecurity to AP CSP courses. These lessons could be used effectively in colleges also. Experts engaged in the Catalyzing Computing and Cybersecurity in Community Colleges (C5) project, hosted at Whatcom Community College, are designing 12 lessons and related instructional materials to enhance computer science and cybersecurity curricula. The first three lesson topics are Information Security and the CIA Triad; Personal Data Vulnerabilities; and Identity, Authentication, and Authorization. Each lesson includes an overview document, a presentation, and student activities. Additional lessons will be released as they are completed. For more information on the lessons and curriculum resources, visit https://www.ncyte.net/c5-lessons.
Cybersecurity Education in the Age of Artificial Intelligence (AI)
Credit:
CyberCorps® Scholarship for Service
The interplay between AI, machine learning, and cybersecurity will continue to introduce new opportunities and challenges in the security of AI as well as AI for cybersecurity. National Science Foundation (NSF) seeks to promote exploration of possible partnerships between AI researchers, cybersecurity researchers, and education researchers in order to inspire novel education and outreach efforts. Such collaborative efforts could also foster a robust workforce with integrated AI and cybersecurity competencies, and develop an informed public that understands the privacy, confidentiality, ethics, safety, and security implications of AI. Teams are required to send a research concept outline, including project title, team members, institutions involved, and a summary of the project concept (up to two pages) by email to satc-edu [at] nsf.gov (satc-edu[at]nsf[dot]gov) no later than midnight EDT on May 15, 2020. For more information, visit https://www.nsf.gov/pubs/2020/nsf20072/nsf20072.jsp
National Integrated Cyber Education Research Center (NICERC)
Credit:
NICERC
The Cyber Education Discovery Forum is an annual summer institute hosted by NICERC for K12 educators who want to integrate cybersecurity into their classrooms. This year, for the first time ever, all of the content will be delivered online, with a mix of live sessions, virtual office hours, and at-home projects. Sign up for a workshop track to walk through hands-on exercises in a particular course, and be sure to log in for keynote sessions throughout the week.
The appearance of U.S. Department of Defense (DoD) visual information does not imply or constitute DoD endorsement.
Credit:
U.S. Air Force
Military veterans are an important community for consideration for cybersecurity jobs. Whether they have direct military experience with information security or possibly possess a highly desirable security clearance (or ability to qualify for a clearance), our nation’s military veterans are increasingly recognized as an attractive talent candidate pool for our most critical cybersecurity roles. We have compiled a list of resources for veterans who are considering a cybersecurity career.
Free and Low-Cost Online Cybersecurity Learning Content
Credit:
shutterstock
Interested in a cybersecurity career? Need to improve your cybersecurity knowledge and skills? Want to acquire a new cybersecurity credential?
NICE has shared a list of free and low-cost online educational content on topics such as information technology and cybersecurity. Some, not all, may contribute to professional learning objectives or lead to industry certifications and online degrees. Please note that this site will continue to be updated as new information is gathered and edited for clarity and accuracy.
NIST Notice of Funding Opportunity (NOFO) for the NICE K12 Cybersecurity Outreach Program (April 17, 2020) – This webinar provided information for those interested in learning about this funding opportunity. Learn more and view a recording here.
The Role of the School Counselor in Promoting Cybersecurity Career Opportunities (April 15, 2020) – In this webinar, school counselors shared how they work with students in elementary, middle, and high school settings to guide them into a variety of career pathways. Learn more and view a recording here.
NICE Cybersecurity Workforce Framework Use Cases and Success Stories (March 18, 2020) - This webinar identified a few of the emerging use cases and success stories that can help to encourage widespread adoption of the NICE Framework. Learn more and view a recording here.
The Intersection of the Privacy and Cybersecurity Workforce (February 19, 2020) – This webinar introduced the newly released Privacy Framework and described the need for and mechanisms for building a workforce skilled in privacy. Learn more and view the recording here.
Learning Cybersecurity Principles for the Practice of Information Security (January 29, 2020) – This webinar opened a dialogue about reaching consensus for a common set of cybersecurity principles to be communicated, acquired, and practiced by learners of all ages. Learn more and view the recording here.
The NICE Working Group (NICEWG) has been established to provide a mechanism in which public and private sector participants can develop concepts, design strategies, and pursue actions that advance cybersecurity education, training, and workforce development. This quarter, the Competitions Subgroup has created several new podcasts featuring interviews with cybersecurity competition leaders around the country.
Learn more about these podcasts and other deliverables from the NICE Working Group.
Key Dates
May 13, 2020 – NICE Webinar – The Continuity of Learning and Skills Development in Virtual Environments
This webinar will explore ways to turn lessons learned from the recent pandemic into systemic changes to improve cybersecurity education, training, and workforce development for the future. NICE webinars are free to attend, but registration is required.
June 1, 2020 – NIST Notice of Funding Opportunity (NOFO) for the NICE K12 Cybersecurity Outreach Program
NIST has announced funding on behalf of NICE for the NICE K12 Cybersecurity Education Outreach Program. NIST is soliciting applications from U.S.-located, non-Federal entities to assist NICE in its outreach efforts to build a K12 community that inspires cybersecurity career awareness with students in elementary school, stimulates cybersecurity career exploration in middle school, and enables cybersecurity career preparedness in high school. The deadline to apply is Monday, June 1, 2020, by 11:59 p.m. ET.
November 16-18, 2020 – NICE Conference and Expo, Atlanta, Georgia
The call for speakers for the 11th annual NICE Conference and Expo is open now! Submit your proposal by May 31, 2020 and learn more at www.niceconference.org.
Featured tracks:
Career Discovery
How do we portray the variety of cybersecurity roles, promote multiple cybersecurity career pathways, and increase the supply of qualified, diverse talent into the cybersecurity workforce?
The Talent Lifecycle
How do we reengineer the human resources and talent acquisition ecosystem to promote competency-based hiring, develop innovative career pathways, and facilitate the mobility of workers?
The Learning Ecosystem
How do we leverage diverse learning environments, solutions, and assessments to equip people with the capabilities to contribute successfully to the cybersecurity workforce?
Effective Leadership
How do current and future leaders remain effective, enable their team to thrive, and keep up their own competencies in the face of uncertainty while developing a diverse workforce to meet the evolving cyber-threat landscape?
This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.S. Department of Commerce, under a Cooperative Agreement (Award# 70NANB18H025).
December 7-8, 2020 – NICE K12 Cybersecurity Education Conference, St. Louis, Missouri
The call for speakers for the 6th annual NICE K12 Cybersecurity Education Conference is open now! Submit your proposal by June 12, 2020, and learn more at www.k12cybersecurityconference.org.
Conference tracks:
Increasing Cybersecurity Career Awareness
This theme will focus on increasing and sustaining youth and public engagement in cybersecurity activities. Proposals that emphasize activities to include a national cybersecurity career awareness campaign targeting educators, students, parents, administrators, and counselors are particularly encouraged. Proposals that describe the impact of co-curricular experiences (e.g., competitions, camps, clubs, boy/girl scouts, etc.) for youth that excite them about careers in cybersecurity and introduce them to the corresponding academic pathways will be given priority. Proposals showing promising practices to increase the appeal of the cybersecurity profession to a diverse audience are highly encouraged.
Infusing Cybersecurity Across the Education Portfolio
This theme will include presentations and sessions that describe stellar cybersecurity education interventions for the future STEM and cybersecurity workforce. A focus on infusion of cybersecurity concepts into classroom instruction that align to the NICE Cybersecurity Workforce Framework is appropriate for this theme. Proposals sharing creative strategies for developing and replicating programs that support youth obtaining knowledge, skills, and abilities required for success in the future STEM and cybersecurity degree programs and/or workforce are highly encouraged.
Integrating Innovative Cybersecurity Educational Approaches
This theme will also explore successful proven methods to stimulate innovative educational approaches to accelerate learning and skills development. This theme will focus on proven methods to improve K12 cybersecurity education instruction. Sessions should highlight strategies that increase coordination among teacher preparation, professional development, support, and recognition efforts within existing and proposed cybersecurity educator programs.
Designing Cybersecurity Academic and Career Pathways
This theme will include presentations and sessions that describe successful models to increase the number of youth pursuing a cybersecurity or cybersecurity-related degree, certificate or career. Examples of state or local recognized cybersecurity career pathways for high school students that improve upon state Career Technical Education (CTE) and Programs of Study (POS) are highly encouraged. Special emphasis is placed on initiatives that are readily transferable and easily adaptable supporting a nationally recognized cybersecurity academic pathway for elementary, middle and secondary school students. Program proposals that show how to increase the number of schools that are providing dual enrollment, early college programs, and other creative alternate efforts that challenge students academically and provide opportunities to reduce the time and cost of obtaining a college degree will be given priority.
Promoting Cyber Awareness
This theme will focus on the knowledge, skills, and behaviors needed to understand, use, and safely interact with technology, media, and digital resources. Proposals that highlight effective resources, practices, and achievements of programs to help students be responsible, ethical and resilient digital citizens will be given priority.
This event is supported by the National Initiative for Cybersecurity Education (NICE), a program of the National Institute of Standards and Technology in the U.S. Department of Commerce, under financial assistance award #60NANB16D302.
