By First Health Team
In its latest effort to bolster critical infrastructure cybersecurity, the Biden Administration is taking aim at cyber staffing gaps through workforce development programs that target diverse groups, including veterans and women.
The White House National Cyber Workforce and Education Strategy (NCWES) will invest in cybersecurity education programs, while strengthening private-public relationships. As part of the unveiling of the NCWES, the Department of Veterans Affairs announced an apprenticeship program for veterans.
The new developmental program will exist within the VA Cybersecurity Operations Center (CSOC) to support veterans with hands-on learning and development experience through cybersecurity apprenticeships, in hopes of encouraging veterans to pursue a career in the federal cybersecurity workforce.
Program apprentices will develop needed cyber experience under key mentorships, as well as on-the-job training and training courses. The apprenticeship program is registered with the Department of Labor, and recruiting for first cybersecurity apprenticeship cohort will begin during Q1 of Fiscal Year 2024, which will target five transitioning veterans from tech-specific Military Occupational Specialties.
The hope is to increase the program size to 10 for future cohorts.
The NCWES includes a number of other diversity and inclusion (D&I) efforts, including a renewed commitment from the Office of the National Cyber Director to broaden the diversity of its internship applicants, by increasing its recruitment and outreach to underrepresented communities. The agency intends to release dedicated recruitment materials before the Summer 2024 intern application season.
The Cybersecurity and Infrastructure Security Agency has also reaffirmed it will continue to target diverse populations for its future cyber workforce, including partnerships with Girl Scouts of the USA, Girls Who Code, and Women in CyberSecurity.
Data has long confirmed that D&I efforts can effectively improve the number of recruits and potential workforce members needed to fill longstanding staffing gaps. A 2022 ICS Cybersecurity Workforce study found that additional 3.4 million cyber workers are needed to effectively secure assets.
Advocates have long recommended directing efforts toward more diverse populations to fill those gaps effectively, as a more diversified talent pool can provide a host of benefits, such as innovative and creative ideas, more unique perspectives, and skill sets needed to support the next generation of the cyber workforce.
“First Health is pleased to see the continued leadership push from the ONCD in addressing our nation’s cyber challenges,” said First Health Advisory CEO Carter Groome, MBA, CHISL, CDH-E. “The NCWES touches on many of the biggest gaps that we face in the health sector.”
“The whole-of-society effort is an important message that not only spans the public-private business landscape but will open new opportunity by pulling talent from diverse populations that will ultimately make cybersecurity more inclusive,” he added.
The NCWES effectively strengthened the ongoing Administration commitments for key agencies and will rely on a “first-of-its-kind” approach to tackle immediate and long-term cyber workforce needs. This includes the “hundreds of thousands” of cybersecurity job vacancies around the U.S., according to the White House press release.
The Administration has prioritized these job vacancies as a national security imperative and will make generational investments to ensure the U.S. leads in the digital economy. The NCWES is meant to embolden jobseekers to participate in this digital ecosystem, while addressing the critical need to fill the vast number of vacant cyber jobs.
To accomplish these lofty goals, the NCWES relies on a four-pillar approach that provide opportunities for foundational cyber skills, increase cyber education opportunities for all, expand and enhance the national cyber workforce, and bolster the current federal cyber workforce.
The White House also noted the renewed program will support ongoing efforts to strengthen middle class working families, such as the Bipartisan Infrastructure Law, CHIPS and Science Act, and the Inflation Reduction Act.
There’s hope that the NCWES can act as a framework for the health sector, as industry stakeholders identified healthcare workforce development needs, which were amplified last year through the policy options introduced by Sen. Mark Warner, D-VA.
In Warner’s vision, the workforce development program would be “tailored to prepare cybersecurity professionals to confront cyber threats that are specific to the healthcare environment,” according to the paper. This program would rely on community colleges and professional certification programs to create a skilled workforce.
The creation of workforce development programs would close existing gaps in healthcare’s cyber workforce. In 2017, the Department of Health and Human Services Cyber Task Force report revealed three out of four hospitals were operating without a designated security leader.
Although progress has been made, Warner’s workforce development approach with aligned incentivization will be critical to moving the needle on overall cyber hygiene for these entities.