The US White House has unveiled the National Cyber Workforce and Education Strategy (NCWES), a crucial step towards securing the nation’s digital future.
The NCWES focuses on making foundational cyber skill learning accessible to everyone and investing in cyber education from K-12 to higher education.
Doing so aims to bridge the workforce gap and equip all citizens with essential cyber skills. Additionally, the strategy emphasizes transforming cyber education by enhancing systems, supporting educators, and making it more affordable and available.
The initiative receives support from various stakeholders, including the National Science Foundation (NSF) and the National Security Agency (NSA), who are contributing investments to bolster the cybersecurity workforce and education.
The collective efforts of all stakeholders are important in securing a safer digital future for the US, fostering a highly skilled and diverse cybersecurity workforce, and maintaining the nation’s leadership in the field.
Peraton, a privately held American national security and technology company in the US, will guide this endeavor. It will serve as the center for NCWES and all the programs associated with empowering citizens about the digital ecosystems and cybersecurity.
Over the past six years, Peraton has been a leading force in the education, recruitment, and development of cyber professionals across our nation through university partnerships, like the CybHER program,” said Matt McQueen, chief communications and engagement officer, Peraton.
What does the National Cyber Workforce and Education Strategy (NCWES) entail?
The National Cyber Workforce and Education Strategy will be a state-of-the-art approach towards cybersecurity, primarily encompassing the field of online security and the people of the United States.
The plan will help individuals and groups foster their cybersecurity careers with investments from several government and non-governmental organizations.
The NCWES aims to empower American citizens about the country’s digital ecosystem, and it will also help job seekers find new career options in the world of cybersecurity.
The plan laid out in the NCWES will also introduce concepts of middle-class families and empower them through schemes and laws such as the Bipartisan Infrastructure Law, CHIPS and Science Act, and the Inflation Reduction Act.
In other words, the NCWES will improve the overall consumption of the IT world and also create opportunities for the country’s youth.
Moreover, according to the points laid out in the plan, Peraton will be a force that will help US citizens bridge the gap between opportunities and skills to foster better cybersecurity measures for the country.
Peraton aims to work together with federal government agencies, colleges, and other stakeholders to promote the use and implementation of cybersecurity skills in every middle-class household.
“We look forward to working with the federal government, industry partners, academia, and other stakeholders to close the workforce gap and maintain the United States’ dominance in cybersecurity,” said Scott Cooper, vice president of Strategic Advocacy, Peraton.
The NCWES also stresses the importance of collective action from various stakeholders to bring a change in the world of cybersecurity and job markets —- with particular emphasis on groups and individuals left out of the industry.
The Biden-Harris Administration, which is the core product by the US government to foster cybersecurity literacy and digitization in the country, aims to achieve this through three main imperatives.
Firstly, by leveraging adaptable ecosystems to foster cyber education and workforce development on a national scale.
Secondly, by enabling lifelong development of cyber skills for all Americans, ensuring they possess foundational, industry-specific, and evolving specialized cyber skills.
Lastly, promoting diversity and inclusion in the cyber workforce, thus expanding the pool of eligible workers and fostering innovation.
The strategy proposes key initiatives, such as expanding cyber education programs, forging public-private partnerships, increasing funding for cyber research, and enhancing recruitment and retention of cybersecurity professionals.
How will the NCWES address the current cyber challenges?
“It is clear that the shortage of talent and burnout are issues that both the public and private sector face, therefore, it is an issue we must tackle together,” said House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection Chairman Andrew Garbarino in June.
“Our nation’s cyber workforce challenges are widespread and must be addressed through a strategic and crosscutting approach that avoids duplication.”
According to the White House report, several US communities are underrepresented in cyberspace and doesn’t have enough resources to learn about the technology boom in the cybersecurity sector.
“Many communities currently underrepresented in the cyber workforce do not envision themselves in cyber jobs or are not aware of the tremendous opportunity to join this important and growing workforce”, reads the report by US White House.
However, this will change with the introduction of NCWES and other parties aiming towards a better IT ecosystem wrapped with even better cybersecurity professionals.
Threat actors worldwide, especially state-sponsored actors, have continuously targeted the US in the past years. Several industries, companies, businesses, colleges, and universities faced data breaches from several threat actors.
This has not only halted operations for the victim organizations but also increased the risk of mass-scale phishing campaigns in the country, targeting people whose data was breached at the time of the attack.
Cybersecurity defence agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA), are already doing their job.
However, the main target for hackers are companies with inadequate cybersecurity infrastructures and the people of the country whose data gets misused every day and ends in the hacker’s hand, who then reaches out to them with intents of blackmailing, and ransom demands.
Morever, according to Emsisoft, ransomware attacks have posed a great threat to local governments in 2022, followed by challenges faced by education institutions and hospitals.
The number of ransomware attacks on state and municipal governments increased to 106, with 25% involving data theft. Quincy, MA, paid a $500,000 ransom; the highest demand was $5 million in Wheat Ridge, CO.
The education sector experienced multiple ransomware incidents, impacting 1,981 schools, with 65% involving data exfiltration.
Los Angeles Unified School District was notably attacked, affecting over 1,300 schools and 500,000 students. Some organizations, including Glenn County Education Office, CA, paid ransoms in exchange for their data.
Hospitals, and medical facilities faced 25 incidents potentially impacting up to 290 hospitals, with 68% involving the exfiltration of Protected Health Information (PHI). A big cause of these attacks has been human error and citizens’ lack of awareness about cybersecurity.
To facilitate a platform for every citizen in the country, the NCWES aims to promote cybersecurity in the US and encourage people to join the sector to help the nation fight against hackers, threat actors, and other groups and individuals who are targeting the US.
What are the expected benefits for the nation’s digital future?
Though cybersecurity itself is a competitive field, the NCWES says that many individuals and groups are unaware of the opportunities and the current drive of the global workforce that are aiming for cybersecurity as a career option.
To enter the cybersecurity and information security world, the NCWES will focus on certification courses and community college degrees, which will be available through local communities across the US.
Moreover, the NCWES, along with other agencies participating in this campaign, will follow the release of the President’s National Cybersecurity Strategy, released earlier this year, to empower the citizens about cybersecurity, safety, career options, and much more.
The National Cybersecurity Strategy, which also aims for the same goal, will partner with all the agencies involved in the plan and help foster a better and more secure environment.
Moreover, the skill gap, which is a big factor that pushes marginalized groups out of the workforce, will be resolved with this campaign as it will help students, working professionals, and job seekers find new options in their careers, which will be guided by the laws of cybersecurity and information technology.
Apart from helping the job seekers community, the NCWES plan also aims to enable educators to upskill themselves and also expand their knowledge and skills to “diversify their workforce,” creating an all-out plan for everyone in the US to pursue cybersecurity and digitalization ecosystems.
With several partners, and the federal government supporting this plan, the NCWES aims to provide better cybersecurity career options in all the departments. The departments, and companies, which have already signed up for NCWES, include the following:
National Science Foundation (NSF)
National Security Agency (NSA)
Office of the National Cyber Director (ONCD)
National Institute of Standards and Technology (NIST)
Department of Labor (DOL)
Office of Personnel Management (OPM)
Department of Veterans Affairs (VA)
Cybersecurity and Infrastructure Security Agency (CISA)
Department of Housing and Urban Development (HUD)
Craig Newmark philanthropies
Women in CyberSecurity (WiCyS)
Cybersafe Foundation
SANS Institute
Cyber Readiness Institute (CRI) and the Center on Cyber and Technology Innovation (CCTI)
Girl Security
Trellix
The Society for Human Resource Management (SHRM)
Omidyar Network
NPower
Task Force Movement (TFM)
Check Point Software Technologies
Black Tech Street
MassBay Community College
Accenture & Immersive Labs
National Cybersecurity Alliance (NCA)
Aspen Institute’s Cybersecurity Program
Dakota State University (DSU)
Information Technology Senior Management Forum (ITSMF)
Mastercard
iKeepSafe
Lightcast
Google
CrowdStrike
Microsoft
SAP
ConSol USA
American University
How will the NCWES impact the cyber workforce and education landscape?
NCWES and the organizations mentioned above aim to filter better education for individuals who want to pursue cybersecurity.
In this plan, a total of 37 companies are collaborating with government agencies to provide training and certifications for people in cybersecurity and IT. Among them, many will fund cybersecurity learning programs, projects, and initiatives to promote the industry among US citizens.
With these companies, individuals and groups who were behind the job markets or didn’t have the skills to compete in the market will be able to embark on their journey with certifications and job-ready skills to help the local government fight against hackers.
In this initiative, many companies offer learners grants, scholarships, and one-of-a-kind training facilities. Some of these initiatives include the Office of the National Cyber Director (ONCD), aiming to boost internship diversity by actively reaching out to underrepresented groups like women, people of color, and people with disabilities.
The Department of Veterans Affairs (VA) will offer a Cybersecurity Apprenticeship Program for Veterans, providing hands-on learning and mentorship within the VA Cybersecurity Operations Center. The program aims to encourage careers in federal cybersecurity and increase the technical workforce’s salary rates to close the industry gap.
Women in CyberSecurity (WiCyS) will promote diversity in the cybersecurity workforce by providing career accessibility and upskilling opportunities for underrepresented groups.
They offer security training scholarships, mobilize professional affiliates and student chapters, and engage with industry to build a cybersecurity ecosystem.
Collaborating with NCWES, NS Institute, and the National Cyber Scholarship Foundation will expand their partnership to inspire high school and college students in the United States through CyberStart America and Cyber FastTrack programs.
On the other hand, Trellix, a popular threat intelligence organization in the US, has committed to hiring 300 interns over the course of the next two years.
Other companies that will help foster cybersecurity in the nation include Task Force Movement (TFM), which will fund 50 award recipients to pursue cybersecurity certifications in the US and connect the participants with hiring partners.
Moreover, another big announcement was made by Check Point Software Technologies, which has offered training to millions of individuals in cybersecurity skills by 2028 through its MIND Cyber Security Training Program, a free-to-use training program kit that offers its service to educational organizations in the US.
What are the implications for public-private collaboration in cybersecurity?
The NCWES plan will also collaborate with government agencies, private agencies, and educational institutions to offer cybersecurity aid to people in the US. This includes funds, new cybersecurity operations, training facilities, and discounted courses. The plan will also help government organizations and private companies.
The goal is to empower companies and individuals about data breaches and ransomware attacks and foster a cyber-safe environment for everyone. With this initiative, many government and non-government organizations will offer their services for a single goal — a better cybersecurity ecosystem for everyone in the country.
The NCWES includes various stakeholders, including educational institutions, government agencies, and private organizations, who have demonstrated their commitment to the National Cyber Workforce and Education Strategy (NCWES) through numerous actions and partnerships.
For example, the National Science Foundation (NSF) plans to invest $24M in CyberCorps scholarships to develop a robust cybersecurity workforce.
The National Security Agency (NSA) aims to establish Cyber Clinics at universities, while the Office of the National Cyber Director (ONCD) focuses on increasing diversity among internship applicants.
Additionally, the Department of Labor (DOL) will provide grants for apprenticeship programs in critical sectors like cybersecurity.
Several philanthropic organizations, including Craig Newmark Philanthropies, Women in CyberSecurity (WiCyS), and the Cyber Readiness Institute (CRI), have also committed significant resources to support cybersecurity education and workforce development initiatives.
Private companies like Accenture, Mastercard, Google, and Microsoft are actively involved in upskilling and reskilling individuals for cybersecurity roles.
Furthermore, educational institutions such as Dakota State University (DSU) and MassBay Community College are expanding cybersecurity programs and training opportunities.
The NCWES aims to bridge the cyber skills gap, increase diversity in the cybersecurity workforce, and equip millions of individuals with foundational cyber skills to secure the nation’s digital ecosystem.
National Cyber Workforce and Education Strategy: Summing up!
With a focus on accessibility, education, and collaboration, the NCWES aims to empower every citizen with essential cyber skills, bridge the workforce gap, and foster a highly skilled and diverse cybersecurity workforce.
By emphasizing the importance of adaptable ecosystems, lifelong development of cyber skills, and diversity and inclusion in the cyber workforce, the NCWES sets a comprehensive roadmap for a more secure digital landscape.
It will not only address the current cyber challenges the nation faces, such as ransomware attacks and data breaches but also open new career opportunities for job seekers and upskill existing professionals.
With the support of organizations like Peraton and the involvement of critical agencies like the National Science Foundation and the National Security Agency, the NCWES is well-positioned to lead the nation’s efforts in cybersecurity education and workforce development.
In the coming years, the successful implementation of the NCWES will strengthen the nation’s defense against cyber threats and contribute to the overall growth and prosperity of the cybersecurity industry.
By empowering individuals, diversifying the workforce, and promoting a cyber-aware society, the NCWES sets the stage for a safer and more secure digital future for the United States.