Participants in the Federal Cyber Reskilling Academy’s second cohort haven’t all landed government cybersecurity jobs yet, but the contractor that handled the training is sharing its process for how it has benchmarked and tracked their progress
Comtech Telecommunications rated applicants’ potential to succeed in a cyber career prior to their admission into the cohort and for the first time administered hands-on CYBRScore skills assessments throughout the eight-week instructional period. The CYBRScore assessment was tailored to the cyber defense analyst (CDA) work role defined in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework.
But first, the pool of 600 federal employees that applied to the academy needed whittling down to 20 students across 10 civilian agencies and the Department of Defense. The Office of Management and Budget and Federal CIO Council didn’t require an IT or cyber background to apply, so Comtech asked general questions measuring 44 characteristics within the realm of aptitude, attitude and career interest.
Aptitude questions consisted of basic science, technology, engineering and math problems, while attitude questions gauged an applicant’s penchant for repetitive tasks and preference for working alone or in groups.
“We try and get those discerning features characterized up front, so at the end of the day, the cohort would be the best fit for success going through the overall program,” Alan Gush, academy director of CYBRScore, told FedScoop.
For instance, the CDA work role required candidates be committed to accuracy when interpreting data, but not so much so that they couldn’t complete assignments. Those characteristics were weighted more heavily.
Once the cohort was selected, subsequent CYBRScore assessments — conducted in a real-world virtual environment using open-source tools to do the data gathering — evaluated CDA knowledge, skills, abilities and tasks (KSATs) as laid out in the NICE framework. That meant no true-false, multiple-choice or fill-in-the-blank questions.
The first assessment baselined each student’s KSATs. Then CYBRScore divided the CDA work role into five functional areas for a total of five weekly assessments: protocol analysis, network defense analysis, network attack analysis, incident detection and incident handling.
“That’s a little bit nerve-racking, but it’s similar to…taking a certification exam,” said Erik Wallace, director of business development for CYBRScore.
An assessment might inform the student a hacker accessed the system and ask them to determine what happened leading up to the breach and identify the piece of data used in the intrusion, as well as the date it transpired. Or the participant might be asked to enumerate a network — identifying hosts by their internet protocols, noting their operating systems and which ports are potentially open.
Hundreds of data points were scored in real-time throughout each assessment, with the scores provided to students immediately after for them to track their progress. Scores were also used to personalize learning plans, with participants directed to specific training sets or hands-on virtual labs in areas where they were found to have skills gaps.
On the whole, the 19 participants that completed the academy showed “amazing gains in proficiency” between their baseline and final CYBRScore assessments, Gush said. In total, 16 of the 19 academy graduates finished in a higher experience tier than when they began.
Graduates received a certificate of completion Sept. 20 with 20% selected for cyber positions within their original agency or another since then, Gush said. Alternatively, graduates may have pursued developmental rotation assignments or additional cyber responsibilities within their current roles.
If OMB and the CIO Council opt to do a third cohort of the Reskilling Academy, Comtech would have to bid to run the program like any other company. But cyber aptitude assessments come recommended.
OMB has access to all the applicant data generated by CYBRScore through its contracting partner, the General Services Administration, for future iterations. And Federal CIO Suzette Kent hinted at their expansion in September.
CYBRScore would be interested in supporting a third cohort for OMB or training for any other federal agency — others having expressed interest, Gush said. Wallace said he would expect “slight tweaks” to the weighting of future assessments.
Agencies can find the offering on GSA’s Schedule 70 IT contract.
“So it is available as a distinct program, if agencies are interested in building out that capacity,” Gush said.