NSA从娃娃抓起进行网络安全教育引发深思
2机翻,不合理之处,请查看文末英文,自行翻译。
美国国家安全局/中央安全局(NSA/CSS)的国家密码学校正在扩大其网络教育计划的范围。学校的教育、创新和外展中心有许多与网络相关的项目,为小学、初中、高中、大学和研究生提供支持。尽管在其既定计划中取得了巨大进展,但国家安全局仍在努力为美国服务欠缺的地区提供网络教育。
该机构的网络安全教育计划旨在增加未来人员的网络知识。
“我们国家的某些地区在K-12网络安全教育方面非常非常好,”K-12网络教育任务负责人格里利Ashley Greeley说,主导单位有教育、创新和外展中心;国家密码学学校;国家安全局 (NSA)/中央安全局。“它们通常在军队或联邦政府强大存在的地理区域。但是,在中西部各州、农村地区和城市环境中,我们还有很多工作要做。这些是目前的目标,我们希望确保无论情况如何,学生都可以接受到教育。”
NSA最大的网络安全教育计划,即国家网络安全学术卓越中心(NCAE-C),涉及335所大学、学院和社区学院。据美国国家安全局称,美国国家安全局将NCAE-C称号授予那些致力于培养网络安全专业人员以减少美国国家基础设施漏洞的学校。该机构在联邦层面与国土安全部的网络安全基础设施安全局以及联邦调查局合作开展该计划。
“该计划在大学层面的目标是通过培养下一代来改善我们国家的网络安全态势,”格里利解释说。“这些学校符合项目办公室制定的一系列标准。他们被认定他们的课程在严格性、广度和范围上都适合教育或研究。”
这些学校收到的说明是,它们要么是网络防御、网络研究或网络运营方面的学术卓越中心。这种区别,学校可以追求多个方向,使机构能够竞争拨款:例如来自国防部网络安全奖学金计划(DoD CySP)。这些学校还可以申请成为美国国家科学基金会 (NSF) 服务奖学金计划的一部分。
作为她努力的一部分,格里利与NCAE-C指定机构合作,这些机构获得拨款以增加K-12级别的网络安全教育。“例如,在2020财年,阿拉巴马大学亨茨维尔分校和伊利诺伊州的梦莲谷社区学院都获得了一笔赠款,用于启动一个名为RING的区域下一代投资项目,”她澄清道。“这两家机构及其学术合作伙伴为阿拉巴马州和田纳西州的高中生开发了在线网络安全课程。学生来自家庭学校网络、农村地区和资源不足的学校。除了课程内容和课程之外,他们还为学生开发了交互式实验室和虚拟体验,因为我们知道很多时候,当您开始进行网络安全时,网络会更具吸引力。RING项目的最终目标是让学生了解网络安全内容和网络安全职业。”
鉴于RING项目的初步成功,美国国家安全局增加了其计划拨款,为中学生开发资源。“我们有一些机构正在与他们的州教育部合作,试图将网络安全视为学生可以获得内容的课程,教师可以获得证书,以便他们可以教授网络安全,”她指出。“我们还有一些机构正在与初中和高中教师合作,让他们获得认可,可以在当地教授网络安全,能做到这么多事情,我们真的很兴奋。”
对于尚未获准进入NCAE-C的学校,DoD CySP为大学生提供奖学金和实习机会。“国防部机构或组织选择学生从事全职工作,学生通过他们的大学生涯获得资助,”格里利说。“而且他们也有机会在该机构实习。“反过来,每一年获得奖学金的学生需同意在为国防部工作至少一年。”
网络奖学金工作的另一部分是赋予国防部现有员工权力。她补充说,它支持文职和军事人员攻读网络相关领域的硕士或博士学位,还涉及服务承诺。
美国国家安全局还扩大了其所谓的NCX网络演习计划的范围。它现在包括美国高级军事学院——城堡、诺里奇大学、德克萨斯农工大学、北乔治亚大学、弗吉尼亚军事学院和弗吉尼亚理工大学——以及传统的服务学院。该计划的特点是在这些学校的整个学年中进行教育、活动和主题专家参与。它以四月份为期三天的黑客马拉松比赛结束,其中包括展示防御性和进攻性网络技能。
“去年,他们还将NCX扩展到高级军事学院,”格里利指出。“这是他们第一次这样做。高级军事学院和服务学院在一系列挑战中竞争,获胜者获得奖杯和吹牛的权利。2021年,获胜者是美国海军学院。这是一次非常巧妙的联姻合作。”
美国国家安全局公共事务官员Akhirah Padilla 补充说:“这确实是拥有最好的网络程序。我们专门为军队创建了该计划,以便我们可以帮助他们成为网络领域的下一代军事领导者。在过去几年中,越来越多的学校不断与我们联系并要求我们提供参与机会。”
此外,Greeley还负责监督两个项目,即GenCyber项目和STARTALK资助项目。
GenCyber计划向K-12机构提供年度赠款,以提供为期一年的网络安全教育信息,最终为学生和教师举办为期一周的网络夏令营。NSF是该计划的资助合作伙伴,以及一些联邦机构的合作支持。“每年,我们都会发出提案征集通知,学术机构竞相主办GenCyber计划,”她说。2021年,44个州和波多黎各举办了网络营地。该计划正致力于在阿拉斯加、特拉华州、爱荷华州、缅因州、北达科他州和俄勒冈州建立GenCyber教育计划。
同时,类似的STARTALK资助计划侧重于小学、中学、高中和大学水平的学生和教师的外语学习。她说,国家情报总监办公室为STARTALK提供协作支持。
“STARTALK的使命是增加学习、口语和教授急需外语的美国公民的数量,”格里利分享道。“该计划为学生和教师提供创造性和引人入胜的暑期体验,努力体现语言教育和语言教师发展的最佳实践。”
在印第安纳州为高中生教授美国历史和美国政府15年之后,格里利知道她不想成为学校管理员,而这是课堂教师的常见职业道路。她听说过 NSA 的网络教育工作,并看到了将网络教育带入她的学校的重要性,这后来发展成为国家层面的承诺。
“在我过去几年教学的夏季几个月里,我能够作为承包商为NSA的GenCyber项目工作,”她解释说。“我了解了该计划,但更重要的是,我了解了网络安全和网络安全教育。我把夏天学到的很多东西都融入到我自己的课程中。我对将网络安全融入多个学科产生了热情。作为一名平民,在我目前的角色中工作让我能够满足我的两个热情,即为国家服务,同时也利用我在课堂上发展的技能来帮助推进国家层面的网络教育计划。”她的目标以及NSA的广泛目标——在美国尽可能广泛地传播网络安全教育——并非没有挑战。持续的联邦资助是一个主要问题。“我通常将教育比喻为马拉松,而不是短跑,”格里利澄清道。“是的,网络安全教育有迫切的需求,但我们也有长期的需求,K-12就是这些长期需求之一。在我们看到我们的劳动成果进入职业领域之前还需要一点时间,但我们需要持续的资金来让其中一些项目达到真正成熟的阶段,从而产生影响。”
另一个挑战是,传统上,教育是一个州问题,每个州的需求可能大不相同。“在一种状态下可能有效的方法在另一种状态下可能无效,”她继续说道。“这就是为什么与这些资助计划合作的原因,我最喜欢的一个方面是我们允许主办这些计划的机构具有这种创造力和独特性。佐治亚州北部的GenCyber营地与在波多黎各举办的GenCyber营地看起来会有很大不同。”
自然,大流行使NSA的网络教育工作变得复杂,教室不得不转移到虚拟平台,但正常运营的中断使Greeley和该机构能够全面审视GenCyber计划的影响。
“COVID-19产生的一个积极因素是,我们能够让我们的承包商支持对GenCyber进行为期五年的项目研究,”她解释说。“我们了解到,在不存在网络安全教育资源的领域,GenCyber是一股点火力。我们也知道GenCyber可以成为真正催生社区对网络安全教育的支持的催化剂。因为GenCyber项目是由学术机构主办的,它确实让他们能够在当地与对这项工作感兴趣的高中或中学或行业建立关系。这是GenCyber计划的真正亮点。此外,由于这些项目是由学术界主办的,他们中的许多人选择在他们的大学校园内举办该项目。以前可能从未见过大学校园的学生可以参加这些课程并想象自己在那里。他们遇到像他们一样、长得像他们、兴趣相同的学生,这对他们来说是一种动力。”
格里利承诺,通过其计划,国家安全局将继续为几代接受网络教育的学生奠定基础。“我们的目标是创建真正的大学和职业准备途径,”她说。“而且我们真的在努力为所有学生增加机会。我们将继续减少全国没有网络安全教育的地区。”
习大说:没有网络安全,就没有国家安全。
小编可能孤陋寡闻,很少有类似的报道出现,小编看到此文非常震撼。本文目的单纯分享,作为美国情报老大机构亲自下场从娃娃抓起,义务教育全线进行网络安全教育,足够引发我们多部门综合深思。
10年、20年,足以改变一代人甚至改变一个国家,是不是我国也应该抓紧时间跟上步伐?
英文:
The agency’s cybersecurity education programs aim to increase the cyber knowledge of future personnel.
The U.S. National Security Agency/Central Security Service’s National Cryptologic School is expanding its reach of cyber education programs. The school’s Center for Education, Innovation and Outreach has many cyber-related programs supporting elementary, middle school, high school, college and graduate students. Although it has made great headway in its established programs, the National Security Agency is still working to provide cyber education to underserved regions in the United States.
“We have certain parts of the country that are very, very good in K-12 cybersecurity education,” states Ashley Greeley, K-12 cyber education mission lead; Center for Education, Innovation and Outreach; National Cryptologic School; National Security Agency (NSA)/Central Security Service. “They typically are geographical areas in which the military or the federal government has a strong presence. But we still have a lot of work to do in our midwestern states, in our more rural areas and in our urban environments. Those are the target goals right now. We want to make sure that no matter what the situation is, students have access to this.”
The NSA’s largest cybersecurity education program, the National Centers of Academic Excellence in Cybersecurity (NCAE-C), involves 335 universities, colleges and community colleges. The NSA awards NCAE-C designations to schools that commit to producing cybersecurity professionals that will reduce vulnerabilities in U.S. national infrastructure, according to the agency. The agency partners at the federal level with the Department of Homeland Security’s Cybersecurity Infrastructure Security Agency as well as with the FBI to conduct the program.
“The goal of the program at the collegiate level is to improve the cybersecurity posture of our nation by cultivating this next generation,” Greeley explains. “The schools meet a set list of criteria set by the program office. They receive designation that their curriculum is appropriate in rigor, breadth and scope in either education or research.”
The schools receive a specification that they are either a Center of Academic Excellence in Cyber Defense, Cyber Research or Cyber Operations. Such distinctions—schools can pursue more than one—enable the institutions to compete for grants—such as from the Department of Defense Cybersecurity Scholarship Program (DoD CySP). The schools can also apply to be part of the National Science Foundation’s (NSF) Scholarship for Service program.
As part of her efforts, Greeley works with the NCAE-C designated institutions that receive grants to increase cybersecurity education at the K-12 level. “For example, in FY20, the University of Alabama, Huntsville, and Illinois’ Moraine Valley Community College were both awarded a grant to begin a project called RING, Regions Investing in the Next Generation,” she clarifies. “These two institutions and their academic partners developed an online cybersecurity course for high school students in Alabama and Tennessee. The students represent home-school networks, rural areas and under-resourced schools. Along with the course content and the curriculum, they’ve developed interactive labs and virtual experiences for the students because we know that a lot of times cyber is more engaging when you get to do cybersecurity. Ultimately the goal of RING is to make students aware of both cybersecurity content and cybersecurity careers.”
Given the initial success of RING, the NSA has increased its program grants to develop resources for middle school students. “We have institutions that are working with their state Department of Education to try and recognize cybersecurity as courses that students can receive content for and that teachers can receive credentialing on so they can teach cybersecurity,” she notes. “We also have institutions that are working with middle and high school teachers to get them accredited to teach cybersecurity within their local areas. There is a lot going on, and we’re really excited.”
For schools that are not yet approved to be in the NCAE-C, the DoD CySP offers scholarships and internships for collegiate-level students. “A Defense Department agency or organization selects students for full-time employment and the students are sponsored through their collegiate career,” Greeley states. “And they’re also given the opportunity to intern with the agency.
In turn, the student agrees to work for the DoD for a minimum of one year for every year that they get the scholarship.”
The other part of the cyber scholarship effort empowers current Defense Department employees. It supports both civilian and military personnel in pursuing master’s or doctoral degrees in cyber-related fields, and it also involves a service commitment, she adds.
The NSA has also expanded the scope of its so-called NCX cyber exercise program. It now includes the U.S. senior military colleges—The Citadel, Norwich University, Texas A&M, University of North Georgia, Virginia Military Institute and Virginia Tech—as well as the traditional service academies. The program features education, activities and subject matter expert engagement throughout the academic year at these schools. It finishes with a three-day hackathon competition in April that involves demonstrating both defensive and offensive cyber skills.
“Last year, they expanded NCX to the senior military colleges as well,” Greeley notes. “It was the first year they had done that. The senior military colleges and service academies compete in a series of challenges, with the winner receiving a trophy and bragging rights. In 2021, the winner was the U.S. Naval Academy. It’s a really neat engagement.”
Akhirah Padilla, an NSA public affairs officer, adds, “It is really which one has the best cyber program. We created that program specifically for the military so that we can help them to be the next generation of military leaders in cyber. And over the course of the last couple of years, we’ve had more and more schools that keep approaching us and asking us for opportunities to participate.”
In addition, Greeley oversees two programs, the GenCyber program and the STARTALK grant effort.
The GenCyber program provides annual grants to K-12 institutions to provide year-long educational information in cybersecurity, culminating in a week-long cyber camp for students as well as for teachers. The NSF is a funding partner in the program, along with collaboration support from some federal agencies. “Every year, we issue a call for proposals, and academic institutions compete to host a GenCyber program,” she states. In 2021, 44 states and Puerto Rico hosted cyber camps. The program is working to establish GenCyber education programs in Alaska, Delaware, Iowa, Maine, North Dakota and Oregon.
Meanwhile, the similar STARTALK grant program focuses on foreign language attainment for students and teachers at the elementary, middle school, high school and college levels. The Office of the Director of National Intelligence provides collaborative support to STARTALK, she says.
“STARTALK’s mission is to increase the number of U.S. citizens learning, speaking and teaching critical need foreign languages,” Greeley shares. “The program offers students and teachers creative and engaging summer experiences that strive to exemplify best practices in language education and in language teacher development.”
After teaching U.S. history and U.S. government to high schoolers for 15 years in Indiana, Greeley knew she did not want to become a school administrator, a common career path for classroom instructors. She had heard of the NSA’s cyber education efforts and saw the importance of bringing cyber education into her school—which later developed into a commitment at the national level.
“During the summer months in my last few years teaching, I was able to work for the NSA’s GenCyber program as a contractor,” she explains. “I learned about the program, but more importantly, I learned about cybersecurity and cybersecurity education. I took a lot of what I learned in the summer and started to infuse it into my own courses. I developed a passion for infusing cybersecurity into multiple disciplines. And working as a civilian in my current role allows me to fill both of my passions, which is serving the country while also utilizing my skills that I developed in the classroom to help further cyber educational programs at the national level.”
Her goal, and the NSA’s broad goal—to spread cybersecurity education as widely as possible across the United States—is not without challenges. Continued federal funding is a major issue.
“I generally use the analogy that education is a marathon, not a sprint,” Greeley clarifies. “Yes, there are immediate demanding needs in cybersecurity education, but we also have long-term needs, and K-12 is one of those long-term needs. It will be a little bit before we see the fruits of our labor reach the career field, but we need that continual funding to let some of these projects reach a true stage of maturation where they have an impact.”
Another challenge is that, traditionally, education is a state issue, and each state’s needs can differ greatly. “What might work in one state may not work in another,” she continues. “Which is why working with these grant programs, one of my favorite aspects is that we allow for that creativity and that uniqueness for the institutions that are hosting these programs. A GenCyber camp in north Georgia is going to look a lot different than a GenCyber camp being hosted in Puerto Rico.”
Naturally, the pandemic complicated the NSA’s cyber education efforts, with classrooms having to move to virtual platforms, but the break in normal operations allowed Greeley and the agency to take a comprehensive look at the impacts of GenCyber program.
“One of the positives of COVID-19 was that we were able to have our contractor support do a five-year program study of GenCyber,” she explains. “We learned that GenCyber is an ignition force in areas where cybersecurity education resources don’t exist. We also know that GenCyber can be a catalyst to really spawn community support of cybersecurity education. Because GenCyber programs are hosted by academic institutions, it really allows them to develop relationships in their local area with high schools or middle schools or industries that are interested in this work. That has been a real highlight of the GenCyber program. Also, because these programs are hosted by academia, many of them choose to host the program on their college campus. Students who may never have seen a college campus before are able to go to these programs and envision themselves being there. They meet students like them, who look like them and who have the same interests, and it serves as a motivating force for them.”
Through its programs, the NSA will continue to lay the groundwork for generations of cyber-educated students, Greeley promises.
“Our goal is to create true college and career readiness pathways,” she says. “And we are really working to try to increase the opportunity for all students. And we will continue to decrease the areas in the nation that don’t have cybersecurity education.”
