How Health Entities Can Tap DHS Tools for Cyber Skill-BuildingDHS Official Explains Cyber Education and Training Resources
Healthcare organizations can tap into educational and training resources of the Department of Homeland Security to bolster their cybersecurity workforce skills and talent development, says Noel Kyle of DHS.
The National Initiative for Cybersecurity Education framework, which was first unveiled by DHS in 2010-2011 and has been updated frequently to reflect changing workforce needs based on evolving cyberthreats, "is a common language to define, categorize and organize cybersecurity work," she explains.
"The NICE framework describes what cybersecurity work looks like, no matter where it's performed, or what sector," she notes in an interview with Information Security Media Group.
Healthcare organizations can use the framework "to build from when hiring, training and career planning and for overall cybersecurity workforce development," she says.
In the healthcare sector, she says, "sometimes there is a perception by smaller organizations that only large companies or large hospitals are being targeted by cybercriminals," she notes. But in reality, healthcare entities of all sizes are being targeted for their vaulable healthcare data, "and the rise of things like ransomware have only compounded the issue."
Cyber Talent Competition
Healthcare organizations are going after many of the same skilled cybersecurity workers as other large businesses, including professionals to help secure applications, networks and other IT, as well as incident responders and analysts, she says.
"So the training and education resources provided by DHS and the NICE framework can help organizations define the cybersecurity workforce they need, identify those people and bring them in, and once they're on board, define detailed career paths that help them plan out their professional development opportunities over time," she says.
DHS offers the Federal Virtual Training Environment, an online training platform; and the National Institute of Cybersecurity Careers and Studies, which provides a catalog of training courses offered by vendors across the country, she explains.
In another related move aimed at helping to make cyber talent recruiting more efficient - both inside the federal government and elsewhere - the National Institute of Standards and Technology recently updated NICE to include precise definitions of various cybersecurity jobs (see Refined Security Job Codes From NIST Help Recruting).
In the interview (see audio link below photo), Kyle also discusses:
- Cybersecurity skills that are in most demand,
- Cybersecurity skill weak spots and educational areas that are often overlooked;
- How healthcare entities can tap into educational resources to improve their cybersecurity workforce preparedness.
Kyle is a subject matter expert in cybersecurity workforce development, with a focus on the human capital lifecycle - from identifying and hiring talent to retaining and engaging workers. As a program manager within DHS' Cybersecurity Education and Awareness branch, Kyle manages programs such as the Federal Virtual Training Environment - or FedVTE - and its in-person component, FedVTE Live. In addition to her work at DHS, Kyle has more than a decade of experience managing financial, marketing and supply chain projects for Fortune 100 companies and small businesses.