Sunday, May 22, 2022
  • BSides Prishtina 2022 – Arian Sheremeti’s ‘Understanding Cyber Security Threats And Challenges In Protecting Critical Infrastructure’
  • Joy Of Tech® ‘Elon Can Be Such A Dodo’
  • BSides Prishtina 2022 – Megi Bashi’s, Ryan Dinnan’s, Jacob Abraham’s, Joshua Pardhe’s ‘Hacking Back Scammers’
  • What’s the Latest on Cyber Talent and Staffing Shortages?
  • BSides Prishtina 2022 – Isuf Deliu’s ‘Ransomware-As-A-Service: Demystifying A Multi-Billion Dollar Industry’

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Bloggers Network
    • Latest Posts
    • Contributors
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Events
    • Upcoming Events
    • Upcoming Webinars
    • On-Demand Events
    • On-Demand Webinars
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
  • Library
  • Related Sites
    • Techstrong Group
    • Container Journal
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
    • Digital Anarchist
  • Media Kit
  • About Us

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Federal Agencies Fell Short in Assessments of Cybersecurity Employees, Finds Report

SBN

Federal Agencies Fell Short in Assessments of Cybersecurity Employees, Finds Report

by David Bisson on June 25, 2018

The skills gap poses a persistent challenge to organizations. Enterprises need a qualified workforce if they are to adequately defend against digital threats. This is true for every industry and is especially so for the public sector.

Cybersecurity Live - Boston

Acknowledging that fact, Congress enacted the Federal Cybersecurity Workforce Assessment Act (Act) in 2015. This piece of legislation requires the Office of Personnel Management (OPM) to develop a coding structure under the National Initiative for Cybersecurity Education (NICE) for cybersecurity positions and create procedures that facilitate the coding structure’s implementation for civilian cybersecurity positions. It also stipulates that 24 agencies covered by the Chief Financial Officers (CFO) Act must submit baseline assessments of their workforces and establish processes to apply OPM’s coding structure to their workforces.

Most of the CFO Act agencies submitted baseline assessments. In an effort to examine the OPM’s coding procedures and understand the progress of the Act’s implementation, the U.S. Government Accountability Office (GAO) reviewed the baseline assessments and coding procedures from the reporting agencies. It also interviewed personnel at both the OPM and the CFO Act agencies and published its findings in a report to congressional committees.

What it learned was less than encouraging.

Of the 24 CFO Act agencies that were required to submit baseline assessments, 21 of them complied with the Act and sent their analyses to Congress. Three agencies—the Department of Homeland Security, the U.S. Department of Housing and Urban Development and the Small Business Administration—did not submit assessments due to a lack of tools and resources, among other reasons. Even then, four of the agency assessments didn’t contain all relevant information, namely, they didn’t discuss the level of preparedness of employees without certifications to take certification exams. Additionally, one agency failed to discuss in its assessment how it planned to mitigate certification (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by David Bisson. Read the original post at: https://www.tripwire.com/state-of-security/government/federal-agencies-fell-short-in-assessments-of-cybersecurity-employees-finds-report/

June 25, 2018June 25, 2018 David Bisson certifications, Cybersecurity, Featured Articles, Federal, government
  • ← Making Continuous HIPAA Compliance Easy with ExpertOps
  • Cybersecurity Tips for Conveyancers and Solicitors using PEXA →

TechStrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Subscribe to our Newsletters

Get breaking news, free eBooks and upcoming events delivered to your inbox.
  • View Security Boulevard Privacy Policy
  • This field is for validation purposes and should be left unchanged.

Most Read on the Boulevard

Cybersecurity in the Boardroom: How to Report Risk to Leadership
Botnets, Telegram Helped Criminals Steal $163B in COVID Aid
‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth
Anomaly Detection Using Alert Groups and Bayesian Networks
Strata Identity Proposes Standard to Simplify Identity Management
Radware Mitigates 1.1Tbps DDoS Attack
Securing Your Cloud with Zero Trust and Least Privilege
Why is everyone getting hacked on Facebook?
5 Things to know about the UK’s National Cyber Security Centre (NCSC)
Senators Urge FTC to Probe ID.me Over Selfie Data

Upcoming Webinars

Mon 23

Defending Against Emerging Ransomware Threats

May 23 @ 1:00 pm - 2:00 pm
Thu 26

Challenges and Opportunities for Improving Secure Coding Practices

May 26 @ 3:00 pm - 4:00 pm
Tue 31

Leveraging a Cloud Data Platform to Respond to Cybersecurity Events

May 31 @ 11:00 am - 12:00 pm
Jun 01

The 2022 Guide to API Security

June 1 @ 11:00 am - 12:00 pm
Jun 01

Security From Code to Cloud and Back to Code

June 1 @ 1:00 pm - 2:00 pm
Jun 08

Beyond Unification: How CNAP Should Reduce Cloud Security Risk

June 8 @ 11:00 am - 12:00 pm
Jun 08

When Less Is More: Full Life Cycle Serverless Security

June 8 @ 1:00 pm - 2:00 pm
Jun 15

Top 5 Reasons Why Effective SDLC Security Controls Are So Difficult

June 15 @ 1:00 pm - 2:00 pm
Jun 21

Why Cloud-Native Applications and APIs Are at Risk

June 21 @ 1:00 pm - 2:00 pm
Jun 28

CISO Talk Master Class Episode: Catch Lightning in a Bottle – The Essentials: Bringing It All Together

June 28 @ 1:00 pm - 2:00 pm

More Webinars

Download Free eBook

The Dangers of Open Source Software and Best Practices for Securing Code

Industry Spotlight

Establishing a Root of Trust in Embedded Linux and IoT
Cybersecurity Endpoint Industry Spotlight IoT & ICS Security Security Boulevard (Original) Vulnerabilities 

Establishing a Root of Trust in Embedded Linux and IoT

April 18, 2022 Anita Buehrle | Apr 18 Comments Off on Establishing a Root of Trust in Embedded Linux and IoT
Attorney-Client Privilege and Email Privacy
Cybersecurity Data Security Identity & Access Industry Spotlight Network Security Security Boulevard (Original) 

Attorney-Client Privilege and Email Privacy

April 7, 2022 Mark Rasch | Apr 07 Comments Off on Attorney-Client Privilege and Email Privacy
How MSPs can Fill the Cybersecurity Skills Gap
Cybersecurity Endpoint Industry Spotlight Network Security Security Awareness Security Boulevard (Original) 

How MSPs can Fill the Cybersecurity Skills Gap

February 17, 2022 Mike Adler | Feb 17 Comments Off on How MSPs can Fill the Cybersecurity Skills Gap

Top Stories

US Lawmakers Seek Uniform Policy on Nation-State Cyberattacks
Analytics & Intelligence Cyberlaw Cybersecurity Featured Governance, Risk & Compliance News Security Boulevard (Original) Threats & Breaches 

US Lawmakers Seek Uniform Policy on Nation-State Cyberattacks

May 20, 2022 George V. Hulme | 2 days ago 0
‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth
Analytics & Intelligence Application Security Cybersecurity DevOps Endpoint Featured Governance, Risk & Compliance Identity & Access Incident Response IoT & ICS Security Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

‘Incompetent’ Tesla Lets Hackers Steal Cars — via Bluetooth

May 19, 2022 Richi Jennings | 3 days ago 0
Conti Ransomware Gang Threatens Costa Rica’s Government
Cybersecurity Data Security Featured Governance, Risk & Compliance Malware News Security Boulevard (Original) Spotlight Threat Intelligence Vulnerabilities 

Conti Ransomware Gang Threatens Costa Rica’s Government

May 19, 2022 Nathan Eddy | 3 days ago 0

Security Humor

Joy Of Tech® ‘Elon Can Be Such A Dodo'

Joy Of Tech® ‘Elon Can Be Such A Dodo’

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Bloggers Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsors Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Container Journal
  • DevOps.com
  • Techstrong Research
  • Techstrong TV
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
  • Digital Anarchist
Powered by Techstrong Group
Copyright © 2022 Techstrong Group Inc. All rights reserved.