(ISC)² Delivers Recommendations for Advancing Critical Cybersecurity Workforce Issues to New Federal CISO
Talent Shortage, Needs of General Versus Cyber Workforce and Awareness Improvement Must Remain at the Forefront During Presidential Transition, Says Professional Body
Alexandria, VA, October 24, 2016 – (ISC)²® (“ISC-squared”) today announced a series of recommendations for the recently appointed federal chief information security officer (CISO) to consider in order to keep critical workforce issues at the forefront during the coming year of presidential transition. The recommendations were delivered last week directly to Federal CISO Brigadier General (retired) Gregory J. Touhill, government officials at the White House and the Office of Personnel Management, as well as other influencers within the federal workforce community.
supported by data from The 2016 State of Cybersecurity from the Federal Cyber Executive Perspective: An (ISC)² Report, leaders are realizing that “people” can be their organization’s greatest cybersecurity asset, or their greatest liability. Federal executive survey respondents said that cybersecurity within their agencies continues to be viewed largely as an information technology endeavor, with many organizational departments ranking cybersecurity as unimportant to their roles. Consequently, “people,” through actions both intentional and neglectful, remain the greatest security vulnerability to federal agencies, according to nearly half of federal executive survey
During the June gathering of (ISC)²’s U.S. Government Advisory Council (USGAC), Council members representing current and former CISO-level executives from federal agencies and departments were asked to build on these survey outcomes with specific recommended actions that address the following topics:
- distinguishing between and addressing the needs of the cyber vs. general workforce;
- improving awareness and vigilance across the
- and effectively addressing the shortage of talent based on the evolving role of the cyber professional.
“Based on our research, advancing an organization’s security agenda no longer rests upon educating its cyber workforce: rather, it must educate its entire workforce, across all departments, in cyber,” said Dan Waddell, CISSP, CAP, PMP, USGAC chair, (ISC)² managing director, North America Region, and director, U.S. Government Affairs.
“Our goal in delivering these recommendations to Brig. Gen. Touhill is to support workforce prioritization and facilitate dialogue among those in the federal CISO community as critical decisions are being made during the upcoming presidential transition period,
a copy of the letter sent to members of the U.S. government cybersecurity community that includes a complete list of (ISC)²’s recommendations, please visit https://www.isc2.org/isc2-to-fedCISO.
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)² offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 115,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook.
# # #
2016, (ISC)² Inc., (ISC)², CAP, CCFP, CCSP, CISSP, CSSLP, HCISPP, SSCP and CBK are registered marks of (ISC)², Inc.
Courtney Jewell Beveridge