Navy tightens cybersecurity training rules

The Navy secretary has  issued a directive calling on the service to establish policy and implement new training to better arm its information assurance workforce for cybersecurity challenges, according to a release from Rob Carey, the Navy Department’s chief information officer

Because “cyberspace and cybersecurity capabilities are essential to achieve warfighting and business missions across the operational force, expeditionary force, air, surface or undersea domains," personnel who provide cybersecurity expertise must be able to meet rapidly changing missions areas, the secretary’s instructions said.

According to the orders, Navy and Marine Corps deputy CIOs must ensure their respective information assurance workforces comply with identification, training and certification requirements. High-level Navy officials, such as commanding officers, commanders and civilian agency heads, must develop an implementation plan for information assurance workforce management, and major subordinate commands and high-level information officers are required to establish a chain of command and track and report compliance status.

Under the directive, issued July 8, DOD has established a Dec. 31 deadline to certify 100 percent of the military services’ IA personnel carrying out technical and management functions and 70 percent of personnel involved in computer network defense, architecture and engineering.

“Commanders [and] commanding officers should take immediate action to ensure command cybersecurity/IA billets are identified and the personnel and trained and certified to the required DOD baseline certification per service requirements,” the Navy CIO’s announcement said. The announcement suggestions for immediate action, among them “team training through the virtual training environment.”

The orders also provide for servicewide supervision of implementation through establishment of an IA Workforce Management, Oversight, and Compliance Council that will take the program lead.

Per the orders, the council will be in charge of these matters:

• Developing strategies;
• Ensuring compliance;
• Reviewing the enterprisewide picture of manpower and requirements and adjusting as necessary to meet the Navy IA mission;
• Validating training, education and certification standards and competency requirements, and;
• Assisting in career path development.

The Navy acquisition community is required to carry out the IA workforce requirements as well, according to Carey's announcement..