March 2017 Digital Edition
Feb. 2017 Digital Edition
January 2017 Digital Edition
Nov/Dec 2016 Digital Edition
Oct 2016 Digital Edition
Sept 2016 Digital Edition
(ISC)2 presents cybersecurity recommendations to Trump Administration
ALEXANDRIA, VA April 19, 2017 (ISC)2® today announced a set of recommendations for the Trump Administration to consider as it approaches its 100th day in office. The recommendations were delivered to White House Chief of Staff and others on President Trump's team in order to urge prioritization of workforce development within the pending cybersecurity executive order and beyond.
During a December 2016 gathering sponsored by the (ISC)2 U.S. Government Advisory Council (USGAC), participants, including former Federal Chief Information Security Officer (CISO) Gregory Touhill and federal agency CISOs and executives, discussed transition planning from the cybersecurity workforce perspective. The following is an abridged list of areas that (ISC)2 has since identified as critical for the new administration to address. An expanded list can be viewed in today's (ISC)2 blog post.
-- Time Is of The Essence. The widespread and damaging effects of cyber threats are revealed on a daily basis. At the same time, the demand for skilled cybersecurity workers is rapidly increasing.
-- Consider the Progress Already Made. Cybersecurity is a bi-partisan issue. Critical work has been done over the last eight years to advance the cybersecurity workforce.
-- Harden the Workforce. Everyone must learn cybersecurity. We have to break the commodity focus of simply buying technology and stopping there, without focusing on training all users.
-- Incentivize Hiring and Retention. In today's world, a sense of mission doesn't always override good pay — incentives work.
-- Prioritize Investment in Acquisition, Legal and Human Resources (HR) Personnel. Acquisition, legal and HR professionals are essential players within the federal cybersecurity ecosystem.
-- Prevent Getting Lost in Translation. The government needs effective communicators who can translate technical risk to business leaders.
-- Civil Service Reform. The civil service system is broken and does not meet the government's needs.
-- Compliance Does Not Equal Security — Embrace Risk Management. In the government's quest for cyber resiliency, a risk management perspective will be essential.
-- A Standard Cyber Workforce Lexicon. Once finalized, the NICE Cybersecurity Workforce Framework should provide an excellent resource for workforce development.
"In a recent congressional hearing, (ISC)2 had the opportunity to present these recommendations in an effort to advocate for our members and the broader cybersecurity profession during the presidential transition and beyond," said Dan Waddell, (ISC)² managing director, North America Region. "Significant progress has been made over the past decade to advance the federal cyber workforce; our recommendations reflect the importance of building future cybersecurity policy — including the pending executive order — on the existing foundation."
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 120,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and EducationTM. For more information on (ISC)², visit www.isc2.org