DOD Worries Cyber Workers Are Undertrained, Unprepared
February 18, 2013 1:26 PM
comment(s) - last by
DOD is currently rewriting its cyber workforce policy
The U.S. Department of Defense (DOD) is rewriting its
cyber workforce policy
and reviewing current qualifications because it worries that too many cyber experts are underqualified or unprepared for such positions at DOD.
DOD wants to go on a hiring spree of capable cyber experts, but current certifications/qualifications necessary to work for DOD may not be enough to prepare these experts for the job ahead of them.
"One of the biggest threats to the DOD networks is the inability of DOD security professionals to secure the networks," a U.S. Army chief warrant officer assigned to U.S. Army Cyber said. "Many of these security professionals have the required certifications but no understanding how to truly secure the DOD networks and make poor decisions resulting in vulnerable networks."
One main issue is that these experts are merely required to do a lot of book training rather than hands-on training.
"The current requirements aren't turning out people who are prepared," said Jeff Moulton, a senior cyber researcher at the Georgia Tech Research Institute. "The school of hard knocks can teach quite a few lessons, but at DoD that can cost people's lives. Book training is simply not enough."
Another U.S. Army major said that one certification is not enough for an intrusion analyst, infrastructure support, incident responder, auditor and manager because these are five different professions with five completely different skill sets.
The current requirements for cyber security workers was put in place in August 2004 under DOD Directive 8570. It could use an update, especially considering technology and security measures have changed significantly since that time. And the problem is that technology changes so often that it's difficult for DOD to keep up.
"We're rewriting essentially all of the cyber workforce policy, so we are going to have an overarching cyber workforce policy that will include all of the cyber skills including cyber defenders, cyber attackers, malware analysts, all that stuff," said Richard Hale, Deputy Chief Information Officer for DOD Cybersecurity. "Then we will rewrite specific manuals underneath each."
Last month, the Pentagon said it planned to
boost its cyber security unit
five-fold from 900 trips to about 4,900 over the next several years.
This article is over a month old, voting and posting comments is disabled
Outsource pen testing to private firms
2/19/2013 12:14:15 AM
I'd also like to add that government generally moves slow as shit.
I once noticed a major mistake they made in the firewall of several critical systems. Lets just say that once the mistake was pointed out it was obvious and simple to fix. I decided to take on the project of getting them to fix it.
I spoke numerous people in numerous government organizations and the total process to get it resolved took over 6 months. Any normal company could have corrected this inside a couple of days.
At some point in my life I wanted to work for a 3 letter branch of government. It was working with government on this issue that I realized I am happy working for a civilian organization. Being a government employee would tie both hands behind my back in red tape to the point that I really couldn't accomplish anything useful.
As cool as it would be to be a computer security expert for the NSA, DHS, or CIA etc. after you get past the cool title all it would mean is I would have to overdress to sit through meetings where we accomplish nothing every day.
"People Don't Respect Confidentiality in This Industry" -- Sony Computer Entertainment of America President and CEO Jack Tretton
House Cybersecurity Bill Makes a Comeback, Despite Obama Veto Threat
February 8, 2013, 2:55 PM
Pentagon to Boost Cyber-Security Unit Five-Fold, Eyes Effective Offense
January 28, 2013, 3:34 PM
LinkNYC Terminals to Blanket New York City With Free WiFi, Free Calls, and Ads
November 17, 2014, 6:50 PM
Microsoft is Open-Sourcing Most of .NET, Adding OS X and Linux Support
November 12, 2014, 8:27 PM
Home Depot Lost 53 Million Emails, Blames Windows, Buys Execs New Macs
November 9, 2014, 5:00 PM
Former NSA Lawyer: If Google, Apple Encrypt User Data, They’ll Wither on the Vine Like Blackberry
November 6, 2014, 12:15 PM
Report: AT&T Eyeing $40B DirecTV Purchase
May 1, 2014, 8:00 AM
WebOS Class Action Settlement Costs HP $57 Million
April 1, 2014, 10:22 AM
Most Popular Articles
FCC Bans Data Discrimination, Defies Comcast, Adopting Net Neutrality Regulation
February 26, 2015, 4:03 PM
Google Steps up Snub of Adobe Flash, Auto-Converting Flash Ads to HTML5
February 25, 2015, 6:16 PM
Windows 10 Adds USB 3.1 for Dual-Role Peripherals, External Display Support
February 27, 2015, 11:39 AM
Australian Engineers Successfully Developed 3D-Printed Jet Engines
March 2, 2015, 11:08 AM
Smartphone STD Scanner Dongle Can Detect HIV in Just 15 Minutes
February 26, 2015, 11:04 AM
Latest Blog Posts
Sceptre Airs 27", 120 Hz. 1080p Monitor/HDTV w/ 5 ms Response Time for $220
Dec 3, 2014, 10:32 PM
Costco Gives Employees Thanksgiving Off; Wal-Mart Leads "Black Thursday" Charge
Oct 29, 2014, 9:57 PM
"Bear Selfies" Fad Could Turn Deadly, Warn Nevada Wildlife Officials
Oct 28, 2014, 12:00 PM
The Surface Mini That Was Never Released Gets "Hands On" Treatment
Sep 26, 2014, 8:22 AM
ISIS Imposes Ban on Teaching Evolution in Iraq
Sep 17, 2014, 5:22 PM
More Blog Posts
Copyright 2015 DailyTech LLC. -
Terms, Conditions & Privacy Information