Cyber Leadership

As the world grows evermore dependent on information technology, cyber threats have the potential to touch, if not harm, every institution in American society. The nature of the cyber threat is so strategic, pervasive and precise as to warrant attention by leaders in government, military and business, as well as the general public.

"Leadership in a Cyber Age" is an initiative intended to help prepare America's institutional leaders for the complexities of operating in an era of cyber threat. Ongoing research seeks to identify and investigate key issues in leadership development across society, and to recommend improvements so that the United States, as a society, is prepared for the threats of the modern world.

Cyber Leadership Reports

Professionalizing Cybersecurity: A Path to Universal Standards and Status

Authors: Francesca Spidalieri and Sean Kern

Despite the growing need for cybersecurity skills and a knowledgeable and experienced cyber workforce, the field is highly fragmented with no clear path set for those who want to pursue the cybersecurity profession. In "Professionalizing Cybersecurity: A Path to Universal Standards and Status," Pell Center fellow Francesca Spidalieri and Lt. Col. Sean Kern propose an alternative to the current, ad hoc, decentralized approach to cybersecurity workforce development. They chart a path to professionalizing the field and call for the creation of a professional association dedicated entirely to cybersecurity. A nationally recognized independent professional association would serve as a clearinghouse for the cybersecurity profession and a focal point for education, training, communication, participation, facilitation, support and negotiation within the cybersecurity workforce. Additional member professional associations could then act as representatives of each cybersecurity specialty, similar to how the American Medical Association has a professional association for each medical specialty.

Achieving cybersecurity is far more than a technical problem: it is fundamentally a people problem. And since cybersecurity is a people problem, there must be a people solution. This requires developing an overarching organizational framework to develop, manage and oversee the training, education, certification and continuous professional development of a qualified cybersecurity workforce along a career continuum, and to guide leaders across society in harnessing the right people with the right knowledge, skills, and abilities to the right challenges in a rapidly evolving environment.

The study follows previous reports on cybersecurity education in non-technical fields, which detailed the failing of America's most prestigious civilian and military graduate programs to educate their students - and ultimately the nation - for an era of persistent cyber threat.

Joint Professional Military Education Institutions in an Age of Cyber Threat

Author: Francesca Spidalieri

America's military graduate programs are struggling to integrate cyber education within their curricula and to reorient their academic objectives and outcomes to prepare senior military officers to lead in the cyber age. In "Joint Professional Military Education Institutions in an Age of Cyber Threat," Pell Center fellow Francesca Spidalieri surveys efforts by senior military institutions in the United States to educate their graduates - and ultimately the nation - for the strategic and operational challenges of our time. This study follows the report "One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat," which detailed the failing of America's most prestigious civilian graduate programs to prepare graduates to lead in an era of persistent cyber threat.

In this report, Spidalieri surveyed the six military graduate programs that offer joint professional military education and that traditionally develop strategic and operational leaders for the U.S. military. The results provide an overview of current efforts by these institutions to include information technology and cyber security into their curricula. To date, most of the programs reviewed for this study have neither fully integrated cyber into their existing core curricula nor aligned their programs with the strategic goals of the nation's cyber defense strategy.

The report - drafted after four months of extensive research and interviews - illustrates the current state of affairs of senior military graduate programs to further the assimilation of cyber into the operational arena for each physical domain. The fundamental question was whether these programs included courses, occasional conferences, war gaming exercises or other forms of training for their officers to be exposed to cybersecurity issues and gain the knowledge necessary to integrate cyber capabilities and information activities with other U.S. government actions.

The report finds that much remains to be done. Although the report praises the increased effort by military graduate programs to develop new content for cyber education - especially in comparison to the much slower or nonexistent progress in American civilian universities - a preparation gap still persists. In brief, there remains a significant imbalance between the evident need to educate all military leaders about the complexities of cyberspace and the marginal role that cyber education still plays in some of the JPME institutions evaluated. The different level of exposure to cyber education and training seems more striking when comparing some of these graduate programs that should, at least in theory, offer similar joint professional military education curricula.

One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat

Author: Francesca Spidalieri

America's colleges and universities are failing to prepare the next generation of leaders for responsibility in an age of cyber threat. In "One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat," Pell Center fellow Francesca Spidalieri details the failing of America's most prestigious graduate programs to prepare their graduates - and ultimately the nation - for leadership of critical institutions.

Cyber threats have the potential to undo all the economic, social and military advances that cyberspace has enabled. Ultimately, these threats can touch, if not harm, every institution in American society - from the U.S. government to banks and hospitals, universities, corporations and more. It is no wonder, then, that President Barack Obama referred to cybersecurity as "one of the most serious economic and national security challenges we face."

Yet the training of America's next generation of leaders has, on balance, remained remarkably disconnected from the challenges of this century. In researching "One at a Time," Spidalieri surveyed 70 top-ranked master's-level programs in business, law, public affairs, public policy, international relations, criminal justice and health care management. Not one of the programs reviewed - not one - includes any aspect of cybersecurity among their core requirements. In fact, of the 70 elite programs surveyed, only 10 clustered among five universities scored 3.0 or higher on a four-point scale to assess the exposure their students receive to cybersecurity issues.