Noblis’ Roger Mason: Career Path Understanding Key to Cyber Workforce Training, Retention Efforts

cyber hack network computerThere has been no shortage of research materials over the past year that point to a fear among government and private industry leaders that the U.S. does not have the needed numbers or proper skillsets in its cybersecurity workforce and could feel some consequences as a result.

One survey from Raytheon and the National Cyber Security Alliance said almost half of respondents aged 18-26 — “millennials” — claimed no cyber education programs or activities were available to them, while Intel Security and the Center for Strategic and International Studies found more than two-thirds of information technology executives said low IT security staff sizes made organizations at risk for “direct and measurable damage” and “desirable hacking targets.”

A key aspect for government and business to consider is helping prospective cyber workers understand viable career paths in the field through both education programs and in-career training initiatives, according to Roger Mason, senior vice president for national security and intelligence at Noblis and a former assistant national intelligence director for systems and resource analyses.

Roger Mason
Roger Mason

“Post-college training requires a mixture of applied development and on-the-job skills in order to make a difference there. And, you have to think about the lifecycle of the cyber workforce from recruitment on the front end through retention and career progression. There are different generational aspects we should be mindful about in terms of how best to approach workforce development,” Mason said.

Mason spoke to ExecutiveBiz on the heels of his July 26 appearance at the International Conference on Cyber Security in New York City to give other leaders in the public, private and academic sectors his perspective on the computer security environment and to offer a definition of what he called the “cyber threat analyst tradecraft.”

That tradecraft, he told ExecutiveBiz, can be broken out into two skillsets: first the ability to see the larger picture of the threat environment, and second to both identify patterns and understand trends in data acquired by machines.

“You don’t need a cyber threat intelligence analyst to do tactical monitoring of your network. You do need them to get the context of why an organization is getting persistent attacks and what the attacker is looking to gain,” Mason said.

Machines and other technology platforms have largely taken over the job of threat data collection and that has shifted the cyber analyst’s job to one that looks for common threads in the information, according to Mason.

“Cyber intelligence tradecraft is rooted in the traditional cycle of tasking, collection, processing, exploitation and dissemination,” Mason said.

“The trick is doing it at ‘cyber’ speed commingled with those who defend the networks everyday.”

You may also be interested in...


Immervision to Develop sUAS Wide-Angle Camera Under DIU Program

The Defense Innovation Unit has tapped Immervision to build a wide-angle computer vision camera for small unmanned aerial systems.


DHS Posts Night Vision Tech RFI to Aid S&T Market Survey

The Department of Homeland Security has issued a request for information to seek inputs from industry on night vision technologies in support of a market survey by the National Urban Security Technology Laboratory under the DHS Science and Technology Directorate.


Comtech Books $175M Contract for 911 Services in Pennsylvania

Comtech Telecommunications has secured a potential $175.1M contract to assist the Commonwealth of Pennsylvania in designing, implementing and operating 911 services across the state.