1 / 29

The need for “skilled” workers has grown from 20% to 65%.

Cybersecurity in the Post Secondary Environment with special emphasis on The Role Of Community Colleges in Cyber Security Education. Professional. Unskilled. Skilled. The need for “skilled” workers has grown from 20% to 65%. 1950. 1991. 2000. Source: Bureau of Labor Statistics.

walker-craft
Télécharger la présentation

The need for “skilled” workers has grown from 20% to 65%.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cybersecurity in thePost Secondary Environmentwith special emphasis onThe Role Of Community Colleges inCyber Security Education

  2. Professional Unskilled Skilled The need for “skilled” workers has grown from 20% to 65%. 1950 1991 2000 Source: Bureau of Labor Statistics

  3. But, we are not preparing enough skilled workers. Adults > 25 years

  4. Cybersecurity ConferenceWashington DC June 26-28, 2002 • There is a valid role for community college clientele in cyber security! • Security is a many-front issue • Important initial gains will come at the adaptation and implementation level • Transport and application layer first line defenses are vital • “Everyone” must be security conscious

  5. In A Nutshell: • The First Responders Are: • Technicians, Technologists, and Paraprofessionals : • Are on the front lines • Are often the first to know • Educate end users • Gather data and evidence • Advise upper management • Make critical decisions which affect security • And Therefore: • Need education, re-skilling, and certification

  6. Database Development and Administration Digital Media Enterprise Systems Analysis and Integration Network Design and Administration Programming and Software Engineering Technical Support Technical Writing Web Development and Administration The 8 I. T. Career Clusters

  7. Career Clusters Are clusters of jobs roles characterized by closely related Critical Work Functions and Technical Skills. Foundation Skills Many individual job roles & titles may exist under each career cluster. In general lateral and vertical mobility within a cluster is readily facilitated. Technical Skills Critical Work Functions Performance Criteria

  8. Before Sept. 11, 2001 • Major vulnerabilities were laptops • Theft, loss of data • Desktop workstations vulnerable to viruses • Defenses primarily • Access control software • Front door to applications • Emphasis on authorized users

  9. Early 2000s Environment • Don’t inhibit growth • Don’t slow down access • Don’t impede processes • It’s all about • Hooking up • Building out • Gurus talking about value of networks increasing geometrically as the number of nodes….every business would be web based or gone….”first movers” had advantage…..

  10. Early 2000s • Business Growth and Continuity • Problems seen as event driven • Attack simulation wasn’t performed • Network admin proud of hacker’s lack of success (hero after the fact). • Posture primarily • Responsive • Reactive

  11. Attacks Are Rising

  12. With Increasing Economic Costs $ Billions 1999 2000 2001

  13. Dollars, Identity Theft, & I P $ Millions FBI Statistics 2000 - 2002

  14. What’s Changing • New Language Emerging • CYBERTERRORISM • CYBERSECURITY • TRUSTWORTHTY COMPUTING • Government funding coming, but ……. • Need more than rhetoric and ideology. • Need recognition that technicians are the “first responders” in a cyber attack. • Direct $$ to applications as well as research.

  15. The Field of Cyber Security • Some Generalizations - more or less validated…….. • At the application level, security skills will be a part of virtually all technical jobs • 2-year grads will not have sole responsibility for security audits, policies, strategies • Many incumbent workers will need or desire upgrading and / or certification • Preparatory programs will require infusion more than re-invention • There will be “Demand Pull” for Cyber Security

  16. Because … MINDSET AND ACTIONS MUST: • Become anticipatory • Assume different scenarios • Include coordinated action • Inform the greater cyber community

  17. Labor Demand Picture • 89% of business feel a large scale cyber attack will be launched within 2 years • Almost 60% feel their organization is unprepared to defend against • 80% feel the US as a whole is unprepared to defend against • Many large scale attacks have occurred but gone unreported (confidence issues) • Better mousetraps make better mice

  18. Labor Demand • Recent ITAA Workforce study: • 300,000 new openings • Robert Half Technology: • Highest growth rates are in Network Design and Administration and Web / Internet (40% of total) • Network security admin $61K - $85K • Systems security admin $62K - $86K • $633 Billion e-business volume (W.O.W.): • Behind all this is technicians and technologists • I T is now an indispensable partner in most businesses

  19. Preparatory Two year professional technical degrees Two year computer science transfer degrees Institutional certificates “I T Minor” for business or sciences Certification Incumbent and re-careering workers Upgrading Certification Clock hour certificates “Go-To” for “lifelong” learning Career progression Workforce development 2 Main Program Areas

  20. Possible Content Areas • Systems maintenance, patches, upgrade • Content security • Data assurance • Physical security • User education • Detection (hacks, probes, etc.) • Deterrence (fire walls, honey pots, etc.) • Forensics (evidence gathering, preservation) • Policy development • Forward planning and professional development • Preparation for certification

  21. Authentic Specifications Articulation Integrated Activities Curriculum Involving Tech. Knowledge Critical Work Functions Performance Indicators Employability Skills Assessments Certifications Authentic Holistic Vendor Vendor Neutral

  22. What About Security Certification? Tier 1 - Professional Mgmt. (CISSP, CSSA) Tier 2 - Vendor Specific (Oracle, Checkpoint) and Vendor Neutral (CIW- SCNP) Number of Tests Tier 3 - Vendor Neutral Entry Level & Recarering (S+)

  23. Linear Model Traditional Pre engineering 4-year Univer- sity Computer Science Diploma Work Certificate Prior Work Co. Training Prior edu. Prior Certs. Technician Para- professional Degree Technical Programs & Con. Ed. Certification

  24. More Realistic(Messy Organic Process) Work Exp “Some” College Technical Education Work Exp Corporate Classroom Certification Technical Education Promotion Continuing Education Re-skilling Upgrading

  25. The Good News Every Arrow Is An Opportunity

  26. Strategies for Success • Use skill standards to set agreed-upon expectations • Hold the course • Work with local business / industry to develop / refine content • Make appropriate use of certifications • Develop methods to rapidly infuse the latest security topics and content into curricula, activities, and assessments • Differentiate between technical and transfer outcomes as appropriate • Implement a comprehensive plan for faculty professional development

  27. Doing Less With Less • More collaboration • Infusion • Maximize CRM • Get “appropriated” $$ authorized • Existing and new NSF centers can help • Take advantage of advantages • Clear and present solutions • Business is “IT – dependent” • Flexible cost – effective delivery

  28. Some Closing Issues • “Parallel Universes” (Adleman) • Relative value of credentials? • Qualify Market Opportunity • Remember “dot-com entrepreneurs?” • Re-Skilling the incumbent workforce • What part of this is really new? • Maintain perspective • Perimeter defenses will not the sole answer. • It is “impossible” to secure a digital system from digital attack.

  29. More Information • T S I • http://www.saflund.org • info@saflund.org • 253.630.5326

More Related