NEWPORT, RI— Pell Center fellows Francesca Spidalieri and Sean Kern contributed insights and recommendations to the Council on CyberSecurity’s most recent publication, entitled “Cybersecurity Workforce Handbook: A Practical Guide to Managing Your Workforce.” The Workforce Handbook was produced by an expert panel convened by the Council on CyberSecurity, of which Spidalieri and Kern are members.
The Council on CyberSecurity supports workforce refinement, management, and development at both the individual and enterprise levels. As a result of this dual mission, the Council has produced the Workforce Handbook to serve as a reliable reference for executives and hiring managers—primarily in IT and HR divisions—who are managing the planning, sourcing, hiring, training, development, career progression, and sustainment of their organization’s cybersecurity workforce.
“It has become clear to the Council and our partners that in order to tackle the extent of cybersecurity threats we see in today’s world, a comprehensive approach needs to be utilized that spans across policy, technology, and people,” stated Maurice Uenuma, Chief Operating Officer for the Council on CyberSecurity. “Critically important in this process is equipping those individuals who are responsible for managing information systems, hiring cybersecurity talent, developing corporate policy and creating corporate culture. This handbook is an asset to those individuals—providing guidelines for effective workforce management in the cybersecurity sphere.”
The timely release of the Workforce Handbook follows the recent publication of a new Pell Center report on the professionalization of the cybersecurity industry, which is widely cited in the Handbook. In “Professionalizing Cybersecurity: A Path to Universal Standards and Status,” Spidalieri and Kern propose an alternative to the current ad hoc and decentralized approach to cybersecurity workforce development. They outline a plan for professionalizing the field and call for the creation of a professional association dedicated entirely to cybersecurity.
In the Workforce Handbook, Spidalieri details the increasing role that non-technical executives and board members must play in their organizations’ overall cybersecurity posture and the need for them to see cyber risk as an integral component of their enterprise risk management process. She argues that “achieving cybersecurity is more than just a technical problem […] it is an operational issue that requires senior leaders to develop and implement overarching strategies that integrate best practices across policy, technology, and people.”
The Workforce Handbook is a project sponsored by the Department of Homeland Security through the Air Force Research Laboratory, and it is supported by the SANS Institute, Tripwire, and Qualys.
You can learn more about the Pell Center Cyber Leadership Project and ongoing cybersecurity research and activities at http://pellcenter.org/cyber-leadership/.
About the Council on Cybersecurity
The Council on CyberSecurity is a global, independent, expert, and nonprofit organization committed to the security of an open Internet, the ongoing development and widespread adoption of the 20 Critical Security Controls, elevating the competencies of the cybersecurity workforce, and the development of policies that lead to measurable improvements in the ability to operate safely, securely and reliably in cyberspace. For information regarding the Council on CyberSecurity, please visit the Council’s website at www.counciloncybersecurity.org
UPDATE: The Council on Cybersecurity has merged with the Center for Internet Security. You can find more information at http://www.cisecurity.org/