backtop


Print 14 comment(s) - last by spaced_.. on Feb 20 at 9:29 PM

DOD is currently rewriting its cyber workforce policy

The U.S. Department of Defense (DOD) is rewriting its cyber workforce policy and reviewing current qualifications because it worries that too many cyber experts are underqualified or unprepared for such positions at DOD.

DOD wants to go on a hiring spree of capable cyber experts, but current certifications/qualifications necessary to work for DOD may not be enough to prepare these experts for the job ahead of them.

"One of the biggest threats to the DOD networks is the inability of DOD security professionals to secure the networks," a U.S. Army chief warrant officer assigned to U.S. Army Cyber said. "Many of these security professionals have the required certifications but no understanding how to truly secure the DOD networks and make poor decisions resulting in vulnerable networks."

One main issue is that these experts are merely required to do a lot of book training rather than hands-on training.

"The current requirements aren't turning out people who are prepared," said Jeff Moulton, a senior cyber researcher at the Georgia Tech Research Institute. "The school of hard knocks can teach quite a few lessons, but at DoD that can cost people's lives. Book training is simply not enough."


Another U.S. Army major said that one certification is not enough for an intrusion analyst, infrastructure support, incident responder, auditor and manager because these are five different professions with five completely different skill sets.

The current requirements for cyber security workers was put in place in August 2004 under DOD Directive 8570. It could use an update, especially considering technology and security measures have changed significantly since that time. And the problem is that technology changes so often that it's difficult for DOD to keep up.

"We're rewriting essentially all of the cyber workforce policy, so we are going to have an overarching cyber workforce policy that will include all of the cyber skills including cyber defenders, cyber attackers, malware analysts, all that stuff," said Richard Hale, Deputy Chief Information Officer for DOD Cybersecurity. "Then we will rewrite specific manuals underneath each."

Last month, the Pentagon said it planned to boost its cyber security unit five-fold from 900 trips to about 4,900 over the next several years.

Source: Defense News



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Well duh!
By Milliamp on 2/19/2013 12:26:48 AM , Rating: 2
You can't teach people passion.


RE: Well duh!
By Master Kenobi (blog) on 2/19/2013 10:51:40 PM , Rating: 2
You also can't teach them the talent necessary to be top contenders. Most individuals within the military can simply do what they are told and follow a step by step process. The sad truth is most of the office workers in the military can be replaced with simple robots, we might even be better off, at least then they would work faster. The US Military lacks the talent and skills necessary to be taken seriously within the cyberwarfare field. They would be better off hiring a security/penetration testing company and give them a government endorsement to do what needs to be done. The results would be a whole lot better.


"Can anyone tell me what MobileMe is supposed to do?... So why the f*** doesn't it do that?" -- Steve Jobs














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki