Protecting the infrastructure

IT workers must be better trained and educated to help protect the nation's infrastructure, experts and lawmakers say.

Information technology workers must be better trained and educated to help protect the nation's infrastructure, experts and lawmakers agreed at a recent hearing of the House Science Committee.

Officials at the National Science Foundation, the lead agency for cybersecurity research and education, are teaching many IT employees. The Cyber Security Research and Development Act authorizes $216 million between fiscal 2003 and 2007 for NSF cybersecurity education and training

programs.

"The advancement and availability of education, training and internship programs [are] paramount if we are to strengthen our nation's cybersecurity workforce," said Chet Hosmer, president and chief executive officer of WetStone Technologies Inc., a cybersecurity company that provides R&D services to the public and private sectors.

NSF officials sponsor programs to encourage students to use their cybersecurity training to work for the government. The organization's Scholarship Track provides grants to students in exchange for two years of work in the Federal Cyber Service. NSF's Capacity Building Track provides grants to colleges and universities to offer courses in cybersecurity.

"Job creation in the 21st century can only happen with a 21st-century system of education," said Rep. Sherwood Boehlert (R-N.Y.), the committee's chairman, during the July 21 hearing.

Some, however, argue that cybersecurity training must include not only IT personnel but also all employees of an agency or

corporation.

"Funneling cybersecurity practices to one person within a firm is bound to not work," said Beryl Howell, managing director and general counsel at Stroz Friedberg LLC and former general counsel for the Senate Judiciary Committee. "Everybody needs to know about what sort of vulnerabilities there are that the company is concerned about — not just outside hackers but people on the inside. Even if you have the best firewalls, people within the company need to make sure they don't show their passwords around. There are corporate spies."

NEXT STORY: Kerry plugs site