On July 31st, the White House’s Office of the National Cyber Director (ONCD) released the much-anticipated National Cyber Workforce and Education Strategy (NCWES).  The release follows a months-long process during which the ONCD hosted expert roundtables, solicited public comment (CSET’s submission), and engaged with other relevant stakeholders. This new strategy seeks to empower not just the individual learner, but to incentivize the development of cyber education ecosystems across the country so that all students have the opportunity to gain fundamental cyber skills. Three imperatives guide and inform this new approach:

1. Leverage collaborative workforce development ecosystems to meet cyber workforce demands, 
2. Enable the lifelong pursuit of cyber skills; and,
3. Strengthen the cyber workforce through greater diversity and inclusion.

The National Cybersecurity Strategy, which preceded the NCWES, calls for two major shifts from previous approaches to national cyber security: 

1. Shifting responsibility for defending cyberspace from individuals and small businesses to the most capable actors; and,
2.  Altering incentives across public and private sectors to favor long-term investments in security.

The workforce and education strategy also prioritizes and encourages the development of more localized cyber ecosystems that serve the needs of a variety of communities rather than trying to prescribe a blanket policy. This is a much-needed and reinvigorated approach that understands the unavoidable inequities in both cyber education and workforce development but provides strategies for mitigating them.

Key NCWES Objectives

For example, Strategic Objective 2.3.1 tackles increasing the K-12 cyber teaching capacity, which is a major challenge to expanding access to cyber and computer science education. The U.S. Department of Education reports for the 2023-2024 school year that 32 states are experiencing teacher shortages in math and/or science, and 7 states report teacher shortages specifically in computer science. Objective 2.3.1 encourages colleges and universities to collaborate with state, local, tribal, and territorial (SLTT) governments and education agencies to develop innovation programs to increase the number of educators who teach cyber skills in K-12 systems. Federal departments and agencies will explore the use of grants and contracts to increase the pool of experts available to teach cyber. 

Additionally, SLTT educational agencies are encouraged to support policies to reduce barriers that result from credentialing requirements to enable greater educator mobility. In upcoming work, CSET will explore how K-12 Career Technical Education (CTE) pathways in artificial intelligence (AI) could mitigate such barriers because there are fewer requirements to becoming a CTE educator as opposed to a traditional classroom teacher.

Though the NCWES contains many notable strategic objectives, there are three additional items worth highlighting. The strategy:

1. Provides a definition of foundational cyber skills. The strategy considers digital literacy, computational literacy, and digital resilience as foundational cyber competencies. Each of these are already part of educational standards for most states. This definition can also help to inform the development and implementation of AI foundational skills as schools and states now move to incorporate separate and stand-alone AI educational pathways alongside cyber and computer science. 
2. Recognizes and uplifts the benefits of alternative pathways to gaining and developing cyber skills. CSET has long recognized the benefits and power of alternative educational pathways into both the cyber and AI workforces, especially the potential of community colleges. Specifically for cyber, competitions are underutilized educational tools that provide student participants with practical, industry-relevant cyber skills outside of the traditional classroom. Major national competitions, like the Air Force Association’s CyberPatriot or Carnegie Mellon University’s picoCTF, are just as much educational programs as they are extracurricular programs that are accessible to more students. However, there are barriers to participation as well. Through our work, we found that student success in cyber competitions does not solely depend on their exposure to or familiarity with cyber or computer science topics. Instead, student success also depends on access to prepared and agile educators or mentors, who are able to champion such cyber topics either in their classrooms or through after-school programs. Student success also depends on the support of school or district officials and the ability to access the necessary infrastructure like hardware and reliable Internet. At least five Strategic Objectives advocate for the use and implementation of such alternative educational pathways, like cyber competitions:
   • 2.1.2 Increase engagement in cyber education ecosystems.
   • 2.2.2 Enhance applied cyber content in interdisciplinary education programs.
   • 2.2.5 Expand innovative models for academic credit.
   • 2.3.7 Expand opportunities to earn credits for experiential learning in cyber.
   • 2.3.5 Encourage interdisciplinary approaches to teaching cyber.
3. Recognizes how the National Science Foundation’s (NSF) CyberCorps program can produce more cyber talent, but there are limitations. Ongoing CSET work is assessing trends of participating institutions in the CyberCorps program, which is a federal scholarship-for-service that awards generous scholarships to students. In exchange, students must work for the federal government, or other acceptable entities, for the same length of time as their award (up to three years). The NCWES specifically mentions the CyberCorps program six times when laying out ways to increase participation in cyber education and workforce pathways while acknowledging that the federal government will explore expanding the capacity of such programs. For example:
   • 2.3.4 Increase participation in advanced degree programs to expand the cyber faculty pipeline. …NSF will continue working to strengthen the cyber faculty pipeline by supporting funding for the CyberCorps Scholarship For Services and SaTC programs.
   • 2.4.3 Increase the participation of students and teachers in cyber scholarship programs. …The CyberCorps Scholarship For Service will continue to support undergraduate and graduate students pursuing teaching and other careers in cybersecurity.
   • 4.2.2 Grow programs that provide scholarships for federal service. Departments and agencies will explore the steps needed, including work with Congress, to expand the number of people matriculating through proven programs such as CyberCorps Scholarship For Service and CySP that provide scholarships in return for federal service.

A Note on the CyberCorps

While the CyberCorps program has been active for a little over two decades, it has collectively produced about 4,000 graduates. Expanding the CyberCorps program to produce more graduates is a key recommendation from the Cyber Solarium Commission 2.0. Specifically, achieving Strategic Objectives 2.3.4 and 2.4.3 is not as simple as awarding more scholarships. It must also consider policy levers like reducing total monetary awards to students or relaxing the caps on where recipients can and cannot fulfill their workforce obligations.  For example, the primary goal of the CyberCorps program is to recruit and retain talent for the federal cyber workforce, but other acceptable employment pathways include SLTT governments national laboratories, or returning to academia. However, SLTT pathways are capped at 20 percent of the total recipients and academic pathways are capped at 10 percent which significantly limits the number of students who can achieve advanced degrees or fulfill their workforce obligations in an academic and non-federal capacity. Fortunately, the strategy does acknowledge this limitation, suggesting that the current Administration will work with Congress to enable scholarship recipients pursuing doctoral programs to be eligible for five years of funding.

Conclusion

Overall, the NCWES supports and encourages a necessary multi-faceted approach to cyber education and workforce development. It is both encouraging and humbling to see many of our recommendations, such as the support for alternative educational pathways, become guiding strategic objectives. We are happy to see the shift away from larger blanket policies to instead empower SLTT government agencies while continuing to strategically fund and support promising federal programs like CyberCorps, the National Centers of Academic Excellence in Cyber (NCAE-C) Regions Investing in the Next Generation (RING) program, and CISA’s Cybersecurity Education and Training Assistance Program (CETAP). Current and future CSET research will continue to inform these discussions as stakeholders consider, implement, and adopt the strategic objectives laid out by the strategy.