by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : October 2016
October 2016 FCW.COM 47 t’s a familiar refrain: Cybersecurity is a per- sistent, evolving problem, and addressing it requires top-notch IT specialists, which the government has a hard time hiring and retaining. Although it’s clear the shortage of skilled IT specialists is exacerbated by government’s inability to match the wages the private sector offers, many say agencies can still attract up-and-coming cyber- security professionals by bringing their missions directly to prospective employees. “The government doesn’t have as big of an issue attracting the cyber workforce as they think that they do,” said Karen Evans, who has 28 years of govern- ment experience. As administrator of e-government and IT during the George W. Bush administration, Evans was the de facto federal CIO. She founded the U.S. Cyber Chal- lenge in 2010 with the goal of finding and educating the next generation of cybersecurity professionals. Since USCC’s inception, more than 1,200 students have participated in roughly 25 events at colleges and universities nationwide. To qualify, applicants must pass a graded exercise that takes both accuracy and speed into account, and only the highest achievers are accepted. USCC’s five-day cybersecurity boot camps offer intensive instruction on a variety of concepts — including intrusion detection, penetration testing and forensics — and they culminate in a capture-the-flag competition on the final day. A stated purpose of the USCC, which receives funding from the Department of Homeland Security, is “building the network of a skilled cyber workforce,” Evans said. Other agencies, including the FBI, also sponsor USCC, and representatives come to the camps to pitch participants on government work. Although federal agencies clearly need more cyber- security professionals, Evans said attracting enough applicants for the jobs is not the problem. “They have a huge amount of people who apply,” she said. “You can get the quantity no problem.... Try- ing to funnel that down into the quality ones is where the competitions and the camps come into play.” Evans noted that the ways cybersecurity and state- sponsored hacking are glorified on TV shows such as “Mr. Robot,” “Criminal Minds” and “NCIS” serve as free recruiting for government work — but pri- marily for a handful of high-profile intelligence and security agencies. Agencies that do not have the benefit of appeal- ing pop-culture depictions can use the camps as a vetting tool, she said, because they “know there’s a certain skill level there because [participants] had to pass the test, fill out the applications, perform on the labs.... They know there’s a certain amount of rigor that person’s already gone through.” The Federal Communications Commission is among the agencies that have used the camps to fill its IT needs. “I spoke at the USCC in Delaware and was really impressed with the skills of the entire workforce,” FCC CIO David Bray said. “At the USCC, I can meet these people, get to know them and their perspec- tives, and share what it is that we do.” The FCC also hired USCC teaching assistant Doug Logan to join its cybersecurity team. Evans said word of mouth has become one of the biggest promotional tools for the cyber camps because the community is so close-knit. So who is attending the camps, and what inter- est do they have in working for the government? FCW attended the recent Cyber Challenge camp and competition at Southern Utah University to find out. Chris Fiorille: ‘I’m a big proponent of hands-on training’ Shortly after arriving at California State Polytechnic University, Pomona, Chris Fiorille asked one of his professors where the data center was. The profes- sor said the university did not have one, and Fiorille recalls responding, “OK, so how do we get this thing started?” Now, to his and his professor’s knowledge, the uni- versity has the only entirely student-run data center in North America. Fiorille has done internships at several compa- nies at a variety of positions up and down the totem pole — including at Warner Brothers around the time of the Sony hack. He has attended USCC’s Western Regional Cyber Challenge as both a camper and a teaching assistant, and hopes to be able to continue helping out. “I’m a big proponent of hands-on training that’s as realistic to real-world environments as possible,” he said. “If you’re an IT worker, can you imagine if email servers went down for a day? There’s no grade. No F is going to bring that system back online. It’s up to you to get it going, and there’s real-world pres- sure on you.” Fiorille said he also values the networking and community of USCC. “Security is a small community,” he added. “You see these same people repeatedly at these events.” So when he began looking for a full-time employer, Fiorille had a clear idea of what he wanted, and com- munity outreach and employee appreciation were at the top of the list. 1016fcw_046-049.indd 47 10/11/16 2:40 PM
September 30, 2016
November and December 2016