Cybersecurity Supply-Chain Workforce Management and Skills Gap Development TRANSFORMING THE NEXT GENERATION WORKFORCE Students learn the skills employers look for!
Global Problem - Critical Issues Winning the War-for-Talent All fishing in the same pond for the top 5% when there a thousands of good candidates outside of traditional hiring methods. Greater Scalability - Less Cost Wider/Global reach for candidates Students gain workplace skills while still at University. Workplace Skill Applied Project Based Learning Scaling a workforce of cyber skilled resources Accelerate training of students Winning the War for Talent Cut Cost And Time To Productivity New hires hit the ground running Hiring grads at $60K on 24 month development; leave in 9 months at $120K unsustainable NY Bank. Industry Recognised Transferable Skills Common taxonomy for job-role definitions agreed - and Certificates recognized by industry Enterprise Skills Inventory and Development Works for internal use cases too
Imbalance Too Many Threats External Threats 62% increase in breeches in 2013 1 On average, an advanced threat goes unnoticed on victim s network for 8 months 2 $3 trillion total global impact of cybercrime 1 1 in 5 organizations have experienced an advanced persistent threat (APT) attack 3 2.5 billion exposed records as a result of a data breach in the past 5 years 1 Approx. 1 million new malware variants a day, for an overall total of 1.7 Billion 4 1 in 6 mobile applications are classified as malware 4 Too Few Professionals 62% of organizations did not increase security training in 2014 3 1 out of 3 security pros are not familiar with APT attacks 3 < 2.4% of graduating students hold computer science degrees 7 1 million unfilled security jobs worldwide 8 83% of enterprises currently lack the right skills and human resources to protect their assets 9 Insider Threats About 58% of data security threats originate from employees, ex-employees, and trusted partners 5 A single insider attack costs a company on average $412,000 5 Estimated 75% of all insider attacks go unnoticed 6 While enterprises are under siege from a rising volume of cyberattacks, the global demand for skilled professionals sharply outpaces supply. Unless this gap is closed, organizations will remain at risk. Comprehensive educational and networking resources are required for everyone from entry-level to experienced professionals to meet the needs of organizations. Sources: 1. Increased Cyber Security Can Save Global Economy Trillions, McKinsey/World Economic Forum, January 2014; 2. M-Trends 2013: Attack the Security Gap, Mandiant, March 2013; 3. ISACA s 2014 APT Study, ISACA, April 2014; 4. Symantec,2015; 5. C. Bunn, 'How IT Teams can Prevent Insider Threats from both Malicious and Careless Activity. - Enterprise Network Security Blog from ISDecisions', 2013; 6. SpectorSoft 2014 Insider Threat Survey, 1st ed. 2015, pp. 1-2; 7. Code.org, February 2014; 8. 2014 Cisco Annual Security Report; 9. Cybersecurity Skills Haves and Have Nots, ESG, March 2014
Mind the gap! Cybersecurity Workforce Alliance (CWA) 1. Standards, Approach and Engagement NICE Taxonomy, Role Profiles, Assessments 2. Aligning Education with Industry Awareness, Experience, Workforce Ready Supply 3. Human Capital Supply Chain Workforce Management and Skills Development
Passport Trusted Data User Experience Skills & Work Product Role Profiles Competencies & KSAs Matching Library Projects Real-World Challenges Assessments Lesson Plans Resources
Cybersecurity Workforce Alliance (CWA) Original Founders Federal Reserve Bank NY Bank NY Mellon Morgan Stanley Goldman Sachs Fidelity Investments Capgemini JPMorgan Chase Express Scripts Standard Chartered Bank FCC Perkins Coie RANE Network
CWA Mission Purpose Improve the cyber security skills and scale the college student and employee workforce, so they are more attractive to hire and can provide almost immediate value to the public & private sector by improving a company s Cyber Security capabilities. Reduce the amount of training for college hires Focus Create the perfect student candidate profile Real-World Experience - the "Epic Challenge" Increase Awareness and Experience Align Professional Certificates to Role Profiles
CWA Members/Momentum Jan 15 SIFMA & CUNY (Securities Ind. Financial Markets Assn 480 members) supports Launch at City University of New York April NICE asks iq4 to lead Workgroup for Private Sector July FSSCC (Coordinating Council 10k members) launches Workforce Workgroup August Internal Adoption large FS institutions begins September SUNY launches University at Albany October Federal Communication Commission discuss alignment October Utilities Telecoms Council discuss alignment October CWA EMEA Launch in London November 2015 NICE presentation!
Education and Industry - Standards Role Profiles Professional Certificates CWA Extensions Private Sector TECH-RISK Interesting, highly paid, front end challenging Business Resilience Needs sector and employer s business awareness and time on the job Gov, Risk, Compliance Needs GRC understanding, Jurisdiction Examiners/Regulators Not enough skills and people in GRC as they are all moving to the front line
Competency Based Real-World Challenges Connecting Education And Industry s Via Epic Challenges. Learned Knowledge Applied Knowledge Education Virtual Epic Challenges Industry Professional Certificates Competency Alignment Job Roles. Workforce Ready Candidates
People Not Aware Of Need Or Opportunity 79% Never spoken to a cybersecurity professional. This affects how much millennials know about the types of work involved in the field
Epic Challenges Accelerate Training While Students in School Having the poise, confidence and knowledge equal to someone with 12 months experience (Federal Reserve Industry Mentor) Academia 2-3 hours per week. Credited Course / Project Industry Mentors Industry team mentors 2-3 hours per week. Assessments Defines Challenges Students 10-12 hours per week Awareness Experience U.S. Employee Training $590 Billion Savings $30 Billion CWA FUNDING 1% $590 Million 1.5 million positions @ $20k industry cost savings per position with iq4. Currently running The Threat Within designed by the CWA to develop the skills they for priority next-hires.
SUNY & University at Albany & CUNY & John Jay College of Criminal Justice Connecting Industry and Education TRANSFORMING THE NEXT GENERATION WORKFORCE Students learn the skills employers look for!
Student Demographics 17 Students Selected 4 Role Profiles (Governance, Risk, Behavioral, IT) None with prior applied learning experience Only a few had Cybersecurity experience The students presented with the poise, confidence and knowledge of a newly hired student completing one year of training Industry Mentor
Epic Challenge Statistics 40 Students 30% of students participating switched concentrations to Cybersecurity 34,545 Page Views 2x 2,853 Sessions 30%+ 13.35 Avg Pages / Session 12:11 Mins / Session 50%+ NOW YOU CAN JUDGE THE RESULTS 6 WEEKS IMAGINE WHAT WE CAN DO?
Human Capital The Next Supply Chain Job-Roles On A Common Taxonomy Next Generation (CWA) Sourcing Student Supply Alignment of Education with Industry, connecting students with Real-World projects SCALING Virtual Internships Project-based team learning experience; industry mentored, stackable credentials Productivity Cut Time and Cost 6-12 week virtual-internships = 12 months of work experience (Industry Mentor). Saves $10 - $30K per month Internal Use Case Resilience/Agility Skills Gap Closed Human Capital Supply Chain Management take care of our greatest assets Career Pathways Progression mapping Personal and team, retention, retirement / succession planning, Inventory Skills Profile Passports Critical Roles, Staffing and Proficiency Levels, Career Trajectory Skills-Gap Development
Life Cycle of Learning Common Standards/ Frameworks Job Roles, Taxonomy And Platform Nullam eu tempor purus. Nunc a leo magna, sit amet consequat risus. Etiam faucibus tortor a ipsum vehicula sed suscipit. Verified Data Student Employee Resource Inventory Stackable Credentials Skills Gaps Dashboard Industry Curricula Career Development Scalable Virtual Reach Productivity Agility Assurance
CWA - Alliance Objectives Standards / Frameworks NICE - CWA defines extensions for Industry Taxonomy: Competencies, KSAs Role Profiles Professional Certificates Epic - Challenges Cyber-Internships Industry greatest challenges Awareness Experience Workplan: Syllabus, Curriculum, Role Profiles, Assessments Accelerates Training Slash cost and time to productivity Level the Playing Field Broaden reach Cast a wider net Tooling (iq4 Platform) Workforce Management and Skills Development Role Based Critical Staffing and Gaps Career Pathways Progression Mapping
CWA A Global Response To Cyber Threat CWA Agreed Extensions To NICE BY MEMBERS, FOR MEMBERS CWA -USA New York City & State Includes: SIFMA, FSCC, FCC, UTC, Banks, Healthcare, City Uni NY, State Uni NY Capgemini, Universities, Community Colleges Global Promotion & Adoption CWA -EMEA London/EMEA Includes: Lloyds Banking Group, BNY Mellon, Morgan Stanley, Goldman Sachs, Police Cybercrime Unit, Emergency Planning Centre, Capgemini, Universities, Community Colleges Future CWA-APAC (Future) India/APAC In discussion CWA Member s Offshore workforce USA & EMEA members with APAC Operations or Offshoring
Digital Badge CWA Certified Graduate Hire
Role Profile
Career Pathways
Competencies And Gaps Dashboard Analytics And Dashboard
A N A L Y T I C S Competencies And Gaps Dashboard
Summary NICE Framework is Systemized Now CWA extensions supported by DHS/NICE for all Public Sector Growing adoption by industry and industry bodies: SIFMA, FSSCC, NCC, UTC.. It works! The students presented with the poise, confidence and knowledge of a newly hired student completing one year of training Industry Mentor
Contact Frank Cicio, Founder and CEO, iq4 e frank@iq4.com m 201 914 4655 Peter Meehan, SVP International, London e peter@iq4.com m +44 7788 715 517