The White House released its National Cybersecurity Strategy (NCS) in March, and the Office of National Cyber Director (ONCD) is working fast to develop an implementation plan and a workforce strategy to build a more resilient future.

Acting National Cyber Director Kemba Walden sat down with Dave Levy, vice president of U.S. government, nonprofit, and healthcare businesses at AWS, on June 7 to discuss the new cybersecurity strategy at the AWS Summit in Washington, D.C.

“We’ve been working on implementation of that strategy – we hope to execute our implementation plan soon. And along with that, we’ve been working on our workforce strategy that should be executed at some point soon. We’ve been working hard and fast,” she said.

The NCD office has been targeting June as a “soft target” for release of the NCS implementation plan.

While there are lots of options in the strategy’s toolbox, Walden explained that ONCD is focused on three key areas to build a more resilient future through the National Cybersecurity Strategy.

“The idea of building a resilient future – for those of you in the room – would include improvements to technology,” Walden said. “But it’s also improvements to people and how we react to cybersecurity attacks and how we challenge them, and it’s also the roles and responsibilities. The C-suite – who’s responsible for what, who’s accountable for what, who’s guarding the gates, and are there any gaps there.”

When looking at how to invest in cyber resilience, Walden said technology is often the obvious piece to focus on. But as for the people piece, she stressed that “we need to focus there, perhaps even more than the technology piece from my point of view.”

The acting national cyber director said the upcoming workforce strategy aims to invest in cyber resilience so that 10 years down the road, the United States is not running into the same problem of having hundreds of thousands of unfilled cybersecurity positions.

“When we started thinking about how are we going to deal with the immediate problem of filling those jobs, the question then became … well, what’s the pipeline that we’re building for those jobs? Because the truth is, we’re filling the jobs, but the supply is outpacing the demand,” Walden said. “It’s almost like we don’t have enough to fill those jobs at the speed that we need to fill them.”

“So, our strategy is to think that through,” she added. “It’s an ecosystem sort of approach. It’s dealing with the immediate now, how do we fill the jobs now? But then, what does it look like in 10 years? What’s the pipeline in 10 years so that we don’t find ourselves in this situation again?”

Walden said the workforce strategy will take aim at not only raising the digital literacy of the national cyber workforce, but also the general population. It will look at improving today’s cybersecurity workforce through upskilling and reskilling, but also at improving the educational system to “meet the moment,” she said.

“How are we integrating curricula so that, in addition to reading and writing, we have computational math in a way that my seven-year-old is going to be able to deal with and manipulate generative AI in 10 years?” Walden said. “What are the skills that we’re building into our curriculum in schools and vocational training facilities to be able to meet the moment?”

Walden said that workforce strategy will take aim at all of those areas, and it “hopefully will come out in a few months.”

Levy noted that AWS is in alignment with President Biden’s cybersecurity priorities and policies, including the National Cybersecurity Strategy. AWS released a blog post on June 7 detailing how it’s working to enhance cybersecurity outcomes in ways that align with the new strategy.

“It’s been particularly top of mind for us at AWS and for our customers,” Levy said of the strategy. “We have a saying at AWS of ‘security is job one.’ It’s everybody’s job at AWS and we think about it every day. It’s the first priority for us, our customers, our partners, and all of our stakeholders, and we’re really committed to that.”

“It’s something that we think about in almost every engagement that we have, and we’re committed to building a really resilient future for our customers and partners, globally,” he said.

Read More About
More Topics
Grace Dille
Grace Dille
Grace Dille is MeriTalk's Assistant Managing Editor covering the intersection of government and technology.