Takeaways from the White House Cyber Workforce and Education Summit
Dan Whiting | 19 July 2022
Today the White House convened the White House Cyber Workforce and Education Summit to gather government and private-sector leaders to discuss how to address the labor shortage and other challenges for U.S. cybersecurity. The meeting included the nation’s top cybersecurity and workforce policy decision makers, including the National Cyber Director and the Cabinet secretaries from the Departments of Commerce, Homeland Security, and Labor and the Under Secretary of Education.
Jim Zemlin, Executive Director of the Linux Foundation, was invited to participate.
During the meeting, Jim emphasized the need to “shift left” security training and best practices as much as possible. Addressing security at the beginning of the technology supply chain is more efficient and effective – it is being proactive rather than reactive. This begins with providing open source practitioners with the knowledge and skills to build security into the development of the software we all depend on.
Addressing security at the beginning of the technology supply chain is more efficient and effective – it is being proactive rather than reactive.
He emphasized the commitment of the Linux Foundation to partner with industry leaders to provide no cost or low cost training and certification in cybersecurity beginning with our Developing Secure Software course, which is 15 hours of training across 3 modules (security principles, implementation considerations & software verification). The goal is to teach software developers how to develop more secure software from the beginning because that is much more efficient than finding and remediating vulnerabilities.
Since launching it this spring, over 10,000 students have started the course and over 1,000 completed it and received their verifiable certification. But this is just the beginning. Over the next few months, the Linux Foundation will launch new courses and certification exams on topics such as:
- Sigstore
- Software Bills of Materials (SBOMs)
- Air Gap Software Delivery
- DevSecOps
Addressing cybersecurity challenges through investments in the workforce is about more than hiring and training more cybersecurity professionals. Providing effective training for individuals involved at all points in the software development lifecycle is key to success – kind of like building security into a building at the beginning rather than just hiring security guards to protect it.
Providing effective training for individuals involved at all points in the software development lifecycle is key to success – kind of like building security into a building at the beginning rather than just hiring security guards to protect it.
The goal of building a more robust cyber workforce is part of the recommendations developed earlier this year after the White House-convened Open Source Software Security Summit in February and a follow-up Summit in May. You can read about the recommended 10 streams of investment and the entire Open Source Software Security Mobilization Plan here. And consider joining the OpenSSF to help make our software supply chain more secure by building an expert community, targeted initiatives, and best practices.
We encourage you to enroll in the Developing Secure Software training from the OpenSSF. It is free for everyone through Linux Foundation Training & Certification. You can also enroll through edX for free in audit mode or with a verified certificate of completion for an additional fee.
For more information on the Summit, the White House’s fact sheet summarizing the Summit is here.
Similar Articles
Browse Categories
Cloud Computing Compliance and Security Open Source Projects 2024 Linux How-To LF Research Open Source Ecosystem and Governance Blog Diversity & Inclusion Newsletter Data, AI, and Analytics linux blog Research Training and Certification Linux Cross Technology Cloud Native Computing Foundation cybersecurity software development Announcements Decentralized Technology Legal OpenSearch Sustainability and Green Initiatives cloud native generative AI lf events Finance and Business Technology Networking and Edge cncf industries Emerging Technology Health and Public Sector Interoperability Kubernetes Topic: Security Web Application & Development amazon web services aws community tools confidential computing challenges decentralized AI decentralized computing eBPF funding japan spotlight kernel license compliance openssf ospo research survey skills development state of open source tech talent