a NIST blog
This week’s blog post highlighting Cybersecurity Awareness Month is from NIST’s Rodney Petersen, Director of the National Initiative for Cybersecurity Education (NICE). In this post, Rodney discusses Cybersecurity Career Awareness Week, a week-long campaign that inspires and promotes the exploration of cybersecurity careers.
I am the Director of the National Initiative for Cybersecurity Education (NICE) in the Applied Cybersecurity Division that is part of the Information Technology Lab. I am also the informal lead for the “National Cybersecurity Awareness and Education Program” that is authorized by Congress in the Cybersecurity Enhancement Act of 2014 that includes NICE as well as the Federal Information Security Educators (FISSEA) community.
I arrived at NIST after a long career in higher education, including positions at Michigan State University, University of Maryland, and EDUCAUSE where I acquired experience and developed expertise in topics such as information technology and cybersecurity. My formal education is in political science, business administration, law, and higher education policy and leadership that prepared me for my work in the federal government that largely involves policy and program management. However, my career path has included some unusual stops along the way including my first job which was in student affairs administration, role as a university compliance officer for equity and inclusion, and a brief detail as an experiential learning instructor for AmeriCorps’ community service program. I would summarize my career path as a journey that prioritized obtaining higher education, blessed with timely opportunities, and built upon the foundation of networking and building relationships with others.
We know from CyberSeek.org that there are over 500,000 open jobs in cybersecurity and we recognize that cybersecurity is a relatively new career field. Consequently, we need to increase awareness of cybersecurity careers among youth, school counselors, teachers, parents, and others who can influence youth to pursue cybersecurity as a lifelong career. We also need to facilitate career discovery for all ages, including working adults who might be looking to change careers or those who are underemployed or unemployed. Most importantly, we need to diversify the cybersecurity workforce which means actively encouraging girls and women, people of color, people with disabilities, veterans, and others who are underrepresented to join the cybersecurity workforce.
It is cliché to say that “Cybersecurity is Everyone’s Job” – but it is true. Cybersecurity is a multidisciplinary field that requires individuals with technical skills as well as capabilities in areas such as research, engineering, data sciences, policy, risk management, law, and criminal justice. We need to continue to embrace an enterprise risk management approach to cybersecurity that values the proactive measures that organizations can take (i.e., security by design) in addition to the reactive measures that fall within the NICE Framework category of “protect and defend” (which includes incident response). Additionally, we are starting to see the utilization of machine learning and automation of security techniques (e.g., intrusion detection systems) that will increasingly replace manual interventions by humans which will free up resources towards the more proactive measures, including the development and design of automated solutions.
The deer, the geese, the ponds, and the grounds. NIST has a beautiful campus. More seriously, NIST is full of beautiful people, too, who are smart and talented, collaborative and collegial, innovative and inspiring, and nice and kind. I still remember my first day at NIST when I was warmly welcomed as the new “NICE guy”. NIST has a workplace culture that is very supportive, sensitive, family-friendly, safety-oriented, and inspires me to work hard and uphold its excellent reputation in the community.
Much like the overall cybersecurity and STEM workforce, NIST needs to become more diversified. We are wrestling with the challenge of ensuring the composition of our workforce demonstrates a commitment to gender equity and reflects a multiethnic population. NIST recently established an office of Diversity, Equity and Inclusion, but we know there is much work to be done. I personally think it would be great if we could match the diversity of the community surrounding our Gaithersburg, Maryland, campus and nearby Washington, D.C.
I’d like us to continuing making sure that our social media, website and other outreach opportunities showcase the diversity we do have, which is very important in helping us build and retain our desired future workforce. For one, it raises awareness among the broader public of how valuable diversity is to science, but it can also help to draw professionals and student interns, not to mention encourage our current staff. We need to continue to celebrate our heritage and accomplishments from the past while acknowledging diversity’s importance to the future of innovation, science, and technology and to NIST becoming known as a community of diverse learners and leaders.