With the threat of ransomware, phishing attacks and cyberattacks increasing across all sectors, businesses are struggling to keep up. These skills gaps have left security operations teams unable to properly monitor and respond to a growing number of threats, software vulnerabilities and attacks. To help solve this issue, the Biden administration recently held a 120-day cybersecurity apprenticeship sprint to fill a longstanding workforce shortage. The sprint, which was announced at a National Cyber Workforce and Education Summit earlier this year, included an effort to boost pathways into the field using Registered Apprenticeship programs.
The program allows for a combination of on-the-job training, classroom instruction cyber sprint and mentoring from a professional that results in a recognized credential. It is an effective way to build a skilled and diverse workforce while also increasing business competitiveness, enhancing worker retention and reducing the time it takes new workers to become fully productive.
The Cybersecurity Apprenticeship Sprint was launched by the Labor Department in partnership with the White House Office of the National Cyber Director, the Departments of Commerce, Homeland Security and Defense and a host of other federal agencies. It included a collaboration with major private sector companies such as IBM, Cisco and McDonald’s, along with community groups like Howard Community College and Island Mountain Development Group to develop the largest cybersecurity registered apprenticeship program in the country.
More than 7,000 apprenticeships have been launched as part of the sprint, according to a White House fact sheet. There are now 714 cybersecurity-related registered apprenticeship programs and more than 42,000 apprentices working in these positions. Officials said they would continue to work with various groups, including K-12 and higher education, employers, unions and workforce partners to introduce more workers to the career opportunities in this critical field.
While some of the progress made through the sprint is encouraging, there is still much to be done. A document obtained by Federal News Radio reveals that, as of June, federal agencies were only closing about half of their critical vulnerabilities. The document did not name individual agencies or reveal specific numbers because of national security concerns.
In addition, many of the security tools used by federal agencies are outdated. To address this, the White House is preparing to release a new National Cyber Strategy that includes an initiative to modernize those tools.
A lack of security tools has left water utilities vulnerable to a wide range of threats, and the government is working to remedy this with an upcoming proposal to allow them to use new technology that can detect and respond to cyberattacks against their systems.
This new proposal will be built upon a series of recent successes, including the DHS’s Cybersecurity Sprint for Water and the creation of an ICS Cybersecurity Toolkit. It will include guidance for water utilities to assess their current capabilities, set benchmarks and track their progress in implementing cybersecurity best practices. It will also include a roadmap for water utilities to develop and implement a plan to deploy ICS monitoring technologies, which are essential in the fight against cyberattacks against critical infrastructure.