You are here

Cyber Operations Preparedness and Education (COPE)

Description:

OUSD (R&E) Critical Technology Area(s):  Advanced Computing and Software

 

OBJECTIVE: The objective of the COPE STTR topic is to push forward the state-of-the-art in rapid and effective cybersecurity training to address the current skills gap in the cybersecurity workforce [1, 2].

 

DESCRIPTION: The US cybersecurity workforce currently suffers a deficit of over 400,000 skilled personnel [3]. Not only is there a shortfall of cybersecurity professionals, there’s a lack in the preparedness of hired professionals to perform critical cybersecurity tasks. Studies have found that only half of hired recent graduates in cybersecurity are adequately prepared to carry out their duties [4, 5]. That is, the skills gap is even worse than often stated, as even filled positions might represent missing talent.

 

One reason for this skills gap is the inadequacy of current training/education techniques. Training techniques need to be both scalable, to address the sheer size of the skills gap, and effectively in-depth, because adequately understanding the security of every additional layer in a system requires a workable understanding of the security of the underlying layers. Unfortunately, most current training approaches in cybersecurity fail to achieve both adequate scalability and efficacy to properly prepare learners in the foundational concepts of critical cyber operational skills. 

 

This lack of practical training/education puts mission-critical offensive and defensive cyberspace operations at risk and drives cybersecurity talent shortages. 

 

The objective of COPE is to push forward the state-of-the-art in rapid and effective cybersecurity training to address the current skills gap in the cybersecurity workforce.

 

PHASE I: Phase 1 of COPE will explore feasibility by:

  1. Conducting a study on cybersecurity job vacancies and required skillsets across the Department of Defense (DoD), intelligence community (IC), US government (USG), and industry; the study will identify specific security concepts needed by each;  
  2. Developing a curriculum and scalable training/education framework with technical capabilities to teach critical cybersecurity concepts such as network security operations, threat hunting, ransomware prevention and recovery, etc.;
  3. Identifying potential DoD, IC, USG, and industry benefactors of the advanced security training and working with them on pilot iterations of the training; and
  4. Demonstrating the pilot training capability and evaluating its efficacy.  

 

Phase 1 deliverables and milestones for COPE should include:

 

  • Months 2, 4, 6, and 8: report detailing technical progress made to date, tasks accomplished, current risks/mitigations, plan for the remainder of Phase 1 (e.g., tasks to be accomplished, planned activities/trips/meeting), trip/meeting summaries, and a summary of any potential issues or problem areas (technical or financial) that require the attention of the DARPA PM. Reports may be in the form of Microsoft Word or PowerPoint. 
  • Month 10: 
  • Final COPE study report on cybersecurity job vacancies and required skillsets;
  • Final COPE curriculum and education framework/platform that can host training material relevant to real-world problems encountered by cybersecurity engineers;
  • Training material to develop relevant real-world skills; and,
  • Final COPE delivery/demonstration of training capability and efficacy evaluation.

 

PHASE II: Phase II of COPE will focus on expanding the training platform by:

  • Increasing the amount and variety of material supported by the training platform by working with potential training benefactors to identify gaps and additional requirements; and
  • Increasing the scalability of training delivery. 

 

The goal of Phase 2 is to transition the COPE framework/platform into a significant DoD/IC/USG and industry footprint. 

 

Successful proposals will present a clear plan for conceptualizing, developing, and delivering a training platform that: 

 

  1. Scales to the scope needed to address the cybersecurity skills gap;
  2. Effectively conveys a wide variety of security concepts to newcomers to cybersecurity and to cybersecurity engineers seeking to improve their qualifications;
  3. Achieves results in a rapid enough fashion to fit into personnel training time; and
  4. Is applicable to and solves specific training problems in DoD/IC/USG and industry settings. 

 

Phase 2 deliverables and milestones for COPE should include:

  • Quarterly (with the exception of Month 24 and Month 36, if the option is exercised): reports detailing technical progress made to date, tasks accomplished, current risks/mitigations, plan for the remainder of Phase 2 (e.g., tasks to be accomplished, planned activities/trips/meeting), trip/meeting summaries, and a summary of any potential issues or problem areas (technical or financial) that require the attention of the DARPA PM. Reports may be in the form of Microsoft Word or PowerPoint.  
  • Month 24: 
    • Final COPE curriculum and education framework/platform;
    • Final training material documentation; and,
    • Final COPE delivery/demonstration of training capability scaled to at least 13 trainings per year across DoD/IC/USG and industry settings.

 

  • Month 36 (Phase II Option period): 
    • Final Phase II Option period technical report including details of COPE training framework/platform prototype efficacy against other state-of-the-art platforms/curriculums, including quantitative metrics for assessment;
    • Final COPE curriculum and education framework/platform;
    • Final training material documentation;
    • Final COPE delivery/demonstration of training capability scaled to at least 26 trainings per year across DoD/IC/USG and industry settings.

 

PHASE III DUAL USE APPLICATIONS: COPE has potential applications across the DoD/IC/USG and industry. For DoD/IC/USG, successful COPE approaches will provide a repeatable, reliable, effective, and scalable cybersecurity training capability. COPE has the same applicability for industry/the commercial sector. 

 

Phase III refers to work that derives from, extends, or completes an effort made under prior STTR funding agreements, but is funded by sources other than the STTR program. The Phase III work will be oriented towards transition and commercialization of the developed COPE framework. For Phase III, the proposer is required to obtain funding from either the private sector, a non-STTR Government source, or both, to develop the prototype into a viable product or non-R&D service for sale in government or private sector markets.  

COPE solutions will support national efforts to improve cybersecurity workforce abilities and help secure DoD/IC/USG and commercial networks by enabling a workforce qualified to handle mission-critical offensive and defensive cyberspace operations. 

 

REFERENCES:

[1] Mitchell, B. (2021, April 22). DOD grapples with the future of its cyber workforce. FEDSCOOP. https://fedscoop.com/dod-cybersecurity-workforce-struggles-dennis-crall-john-sherman/  

[2] Crumpler, William, and James A. Lewis. (January 2019). The Cybersecurity Workforce Gap. Retrieved from the Center for Strategic and International Studies website: https://csis-website-prod.s3.amazonaws.com/s3fs-public/publication/190129_Crumpler_Cybersecurity_FINAL.pdf 

[3] Fitzgerald, Jay. (2022, October 24). Cybersecurity Labor Shortage Grows Worse in U.S. And Worldwide: Report. The Channel Co. CRN. https://www.crn.com/news/security/report-cybersecurity-labor-shortage-grows-worse-in-u-s-and-worldwide

[4] St. Clair, Nelbert, and John Girard. "Are cybersecurity professionals satisfied with recent cybersecurity graduates?" In Journal of The Colloquium for Information Systems Security Education, vol. 7, no. 1, pp. 7-7. 2020. https://cisse.info/journal/index.php/cisse/article/download/103/103

[5] ISACA. (2021, May 4). New ISACA Study Finds Cybersecurity Workforce Minimally Impacted by Pandemic, but Still Grappling with Persistent Hiring Challenges. ISACA. https://www.isaca.org/why-isaca/about-us/newsroom/press-releases/2021/new-isaca-study-finds-cybersecurity-workforce-minimally-impacted-by-pandemic-but-still-grappling

 

KEYWORDS: Cybersecurity, Training, Education, Offensive Cyberspace Operations, Defensive Cyberspace Operations, Network Security Operations, Threat Hunting, Ransomware Prevention and Recovery

US Flag An Official Website of the United States Government