There is a pervasive talent deficit in cybersecurity that prevents employers from being able to find qualified job applicants. In a recent survey of cybersecurity professionals, most report that their teams are at least somewhat understaffed with open positions remaining unfilled. Many tools are available to bridge the educational gap for the cybersecurity workforce, but these tools do not take a holistic approach to security by addressing both operational technology (OT) and information technology (IT). With the recent convergence of IT and OT systems, vulnerabilities that were previously limited to IT have been introduced into the industrial environment. Therefore, it is vital to integrate industrial security concepts into current and future cybersecurity curriculum offerings. During this workshop, participants will learn about the CYBER security – Competency Health and Maturity Progression (CYBER-CHAMP©) model. CYBER-CHAMP was initially created as a tool for organizations to understand the security competency gaps in their workforce, but the model can also be utilized to inform academia and cybersecurity training providers. The model offers a methodology to increase security across an organization, which includes all work roles within a company and the best practices employees are expected to perform. Once these target roles are identified, the roles can be mapped to education and training options by identifying the everyday tasks an individual performs. This same mapping method can be used to reverse-engineer the education and training offerings that can be provided for students, the current workforce, veterans, and individuals in other disciplines who are interested in growing their knowledge of cybersecurity.
Jade Hott, Dr. Shane D. Stailey, Donaven Haderlie, Gary M. Deckard