cyber workforce

dodd 8140 cyberspace workforce management

January 11, 2016 by Bruce Brown Leave a Comment

What is the DoD Directive 8140?
DoD 8140, Cyberspace workforce will supersede DoD 8570 as the guide for selecting the personnel with the correct certifications, skills and experience.

Where is the DoDD 8140.01, Cyberworkforce going?
8140 manual may mirror an ongoing initiative that has a lot more categories. Those high level categories would be under a National Initiative for Cybersecurity Education (NICE) framework:

Security Provision, Maintain and Operate, Protect & Defend, Analyze, operate & collect, Oversight & Development and Investigate.

These categories are broken down further into a sum total of 31 tasks. It was supposed to be released in 2013, but there is actually no telling when it will come out.

http://diarmfs.com
niccs.us-cert.gov

DoDD Cyberspace Workforce Management 11 Aug 2015

September 23, 2015 by Bruce Brown Leave a Comment

The Department of Defense finally released the Directive for Cyberspace workforce management on 11 Aug 2015. This means that the DODI (instruction) is not far behind. The instruction will be more in the weeds. It is where the “magic happens”. Directives are very high level policy that gives instructions their power to exist.

Cyberspace Workforce Management – http://www.dtic.mil/whs/directives/corres/pdf/814001_2015_dodd.pdf

The Cyberspace Workforce Management directive does the following:

Reissues and renumbers DoD Directive (DoDD) 8570.01 (Reference (a)) to update and expand established policies and assigned responsibilities for managing the DoD cyberspace workforce.
Authorizes establishment of a DoD cyberspace workforce management council to ensure that the requirements of this directive are met.
Unifies the overall cyberspace workforce and establishes specific workforce elements (cyberspace effects, cybersecurity, and cyberspace information technology (IT)) to align, manage and standardize cyberspace work roles, baseline qualifications, and training requirements.

Cyberspace Workforce Applies to:

Office of the Secretary of Defense (OSD)
Military Departments (Army, Navy, Air Force, Marines)
Office of the Chairman of the Joint Chiefs of Staff (CJCS) and the Joint Staff
Combatant Commands
Office of the Inspector General of the Department of Defense (IG DoD)
Defense Agencies
Field Activities
DoD Components

It is DoD policy does the following:

Maintains a total force management perspective to provide qualified cyberspace government civilian and military personnel to identified and authorized positions, augmented where appropriate by contracted services support. These personnel function as an integrated workforce with complementary skill sets to provide an agile, flexible response to DoD requirements.
[Make sure] the appropriate mix of military and government civilian positions and contracted support designated to perform cyberspace work roles is determined in accordance with DoD Instruction (DoDI) 1100.22 (Reference (b))
Civilian, military, and contracted support personnel assigned to perform cyberspace work roles must meet qualification standards established in supporting issuances, in addition to other existing workforce qualification and training requirements assigned to billets and position requirements (e.g., acquisition, intelligence, communications).
DoD Component compliance with this directive is monitored via authoritative manpower and personnel systems as an element of mission readiness and as a management review item.
Nothing in this directive replaces or infringes the responsibilities, functions, or authorities of the DoD Component heads or other OSD officials as prescribed by law or Executive order, assigned in chartering DoDDs, or detailed in other DoD policy issuances or, as applicable, in Director of National Intelligence policy issuances.
All authorized users of DoD IT receive initial cybersecurity and information assurance awareness orientation as a condition of access, and thereafter must complete annual cybersecurity and information assurance refresher awareness.

8570_to_8140_01_2015_dodd

Federal cyber workforce Having Issues Getting Workers

April 22, 2015 by Bruce Brown Leave a Comment

I read an article about the federal government having a hard time hiring and retaining cyber workforce professionals.

Rigid hiring processes and low pay for specialized employees have kept the U.S. government from developing the type of cyber workforce it needs to keep up with growing attacks, according to an independent analysis. – Washington Post

I have worked for the federal government for many years. I would definitely agree with that assessment. And I know why. The government is slow as hell. They are slow to adjust to the exponential changes of Information Technology and have trouble competing with the salaries of the commercial world.

The Partnership for Public Service released a report on Tuesday saying the federal government has positioned itself poorly for recruiting cybersecurity personnel at a time when the nation as a whole is already facing a shortage. – Washington Post

Cybersecurity is more important than ever. As more of our money, our interactions, and lives go online, security becomes more important.

Aside from non-competitive pay and strict hiring practices, other causes of the deficiency include weak talent pipelines and the lack of a government-wide strategy for hiring and retaining talent, according to the group.

If the federal governments wants better talent, they have to get ALL IN. I think some of their business units get it right. Defense Advanced Research Projects Agency (DARPA) for example is always trying to go beyond the leading bleeding edge of tech. DARPA is credited with funding the initial seeds that led to the creation of the Internet. They have huge visions that seem crazy until they actually do it and change the world. The federal government has the means to go “DARPA” in every branch of the military. They do not have the political will. And that is why they are in the situation they are in.