Technology convergence presents evolving workforce development challenges in combating cyberthreats
By Jay Warmke
Every institution, from the federal government to the corner convenience store, struggles with the ongoing issue of workforce development-and now also with the issue of cybersecurity.
There is the initial struggle to recruit a person who has the interpersonal skills and attitude to succeed, and the knowledge to contribute to the collective effort on day one. And in evolving and technical industries, there is the ongoing task of retraining technicians in emerging technologies, developing job skills from this new knowledge, adapting and applying these skills in the real world, and then evaluating the individual to see if that employee really has absorbed the information now necessary to perform the job.
The challenges of workforce development can clearly be seen in the recent initiative by the National Institute of Standards and Technology (NIST), a part of the U.S. Department of Commerce, as it struggles to address the concerns raised by the growing threat of cyberattacks on our nation's critical infrastructure.
Out of these concerns has emerged the National Initiative for Cybersecurity Education (NICE) Framework, a nationally coordinated effort focused on cybersecurity awareness, education, training, and professional development. Within the NICE Framework, the effort seeks not only to define terms, create job descriptions, and divide security tasks into specialty areas-but it also seeks to come to grips with the areas of education necessary to make the nation's infrastructure more secure.
After those fields of expertise are identified (which is no easy task), how do you go about verifying that an individual is indeed qualified in that specialty? This is where training and third-party certification programs become paramount in preparing a workforce that can identify and alleviate these threats. As part of its process, the NICE initiative is identifying existing certification programs that are applicable and helpful in dealing with and preventing cyberthreats.
As one might assume, most of the currently listed programs were initially designed with network security in mind. Programs such as:
- Global Information Assurance Certification (GIAC) Information Security Fundamentals
- CompTIA Security+
- ISC's Certified Information Systems Security Professional
- Certified Hacking Forensic Investigator
But cybersecurity is not just for computers anymore. The playing field is evolving . . . changing . . . converging.
The threats come from new vulnerabilities
Increasingly, computer networks are moving to wireless platforms. Even our personal cars and public transit systems are incorporating wireless data systems as standard features. With these changes come increased and evolving network vulnerabilities. The world of computing is moving into a landscape previously dominated by those trained in radio frequency (RF) applications.
And at the same time, over the past 10 to 15 years, mobile radio communications and cell and wired telecommunications systems have become more and more Internet Protocol based in an effort to enhance their efficiency, adaptability, and connectivity to existing data systems. The industries are converging.
In the early days of fiber-optic technology, it was touted as the industry's answer to network security. But in recent years, it has been determined that, using only commonly available tools and equipment, fiber-optic cables are as easy to tap as copper-and the security breach is almost undetectable. With millions of miles of fiber transmitting billions of megabytes of data daily-who needs access to the computer hardware?
And how vulnerable are first responders, who have traditionally relied on RF technologies, to cyberthreats? The list of vulnerabilities and technologies affected are seemingly endless.
New specializations will be required
The Electronic Technician Association, International (ETA) has developed more than 80 certification programs focused on skill sets as varied as:
- Certified Network Computer Technician (CNCT)
- Certified Network Systems Technician (CNST)
- Computer Service Technician (CST)
- Wireless Network Technician (WNT)
- Wireless Communications (WCM)
- Communication Site Installer (R56)
- Mobile Communications & Electronics Installer (MCEI)
- Fiber Optics Installer (FOI)
- Fiber Optics Technician-Outside Plant (FOT-OSP)
- Radio Frequency Identification
- Technical Specialist (RFID)
These programs are widely accepted within their respective industries, and undergo constant review and updates. Many are currently incorporating cyber- and network-security issues into their programs.
Conversely, those interested in cybersecurity issues increasingly need a comprehensive knowledge of diverse technologies-simply to understand those systems and the inherent vulnerabilities they present.
For more information about the certification programs, publications, and technical information available through the ETA, International, visit its website at www.eta-i.org.
ABOUT THE AUTHOR
Jay Warmke is a writer, speaker, and teacher and was recently awarded ETA's 2013 Educator of the Year Award. Warmke also serves on the board of the International Certification Accreditation Council.