The U.S. is vulnerable to attacks on its networked technology infrastructure. As more smart devices come onto the market with connectivity to other devices and networks, vulnerabilities to cyber attacks from bad actors are amplified.
Military installations are a high-value target to cyber criminals, and the U.S. military is tasked with maintaining defensive postures against cyber threats to its systems and the larger civilian cybersphere, as well as offensive strategies to ensure U.S. military, government, and civilian data and networks are well protected.
These challenges must be met with capable, trained personnel and systems that can flexibly adapt and innovate against the ever-changing threat landscape.
WillCo Tech and its partner company Military Hire have direct experience with serving the military and commercial sectors in both cybersecurity, workforce credentials, and certification management.
In August, 2016, the U.S. Department of Defense (DOD) took a major step forward in its efforts to determine a workforce posture against the ever-growing threats existing and developing in the cyber domain.
Using the same workforce compliance framework developed by the National Institutes of Standards and Technology (NIST) National Initiative for Cyber Education (NICE) for use in civil Government Agencies, DOD Directive 8140.01 mandated the implementation of this framework to ensure the proper level of consideration was given to educate their cyber workforce.
NICE identifies essential knowledge, skills, and abilities for critical job roles. It also emphasizes hands-on experience and training. DOD Directive 8140 has the ability to include NICE and other approaches to meet training and certification requirements for a cyber workforce.
Prior to DOD Directive 8140, the 2005 DOD Directive (DODD) 8570.01 was implemented to meet DOD’s cyber reporting requirements to Congress under the Federal Information Security Management Act (FISMA) legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or man-made threats.
The U.S. Army, as part of its efforts to comply with DODD 8570.01, deployed the first of its kind Army Training and Certification Tracking System (ATCTS). While the tool was originally designed for tracking cyber-related training and certifications, the Army quickly recognized the software tool’s capabilities and deployed the tool across all non-medical training and certification tracking requirements.
The Army, understanding the importance of being able to track certifications and training under the more comprehensive regiment imposed by DODD Directive 8140.01, recently awarded the first 8140 specific ATCTS contract, which incorporates all of the changes mandated by the newer directive.
Cybersecurity allows both the resources and tactics to be created and carried out by individuals who rely on little outside their knowledge, skills, and abilities (“KSA”). 8140 adopts a training posture and framework that can be adapted as the threat changes: new roles and KSAs can be updated as the landscape changes.
By implementing an 8140 specific capability, the U.S. Army has positioned themselves to meet their statutory obligations, but more importantly— prove their FISMA compliance under the new regulatory schema, which enhances their cyber workforce’s ability to perform.
ATCTS is a Software as a Service (SaaS) capability that is deployed as part of the Army Knowledge Online (AKO) enterprise workforce management solution. For over a decade, this stable and effective tool has allowed Army managers to know and predict their workforce’s ability to perform their roles, stay compliant with assigned annual training requirements, and predict and deploy resources against forecasted capability shortfalls.
ATCTS can be deployed in a private environment or in the cloud, and the ATCTS system can be customized to meet the specific needs of each participating government or military agency.