CyberVets Answer Call to Protect U.S. Data
After defending his country for more than two decades, retired Navy Electronics Technician First Class Petty Officer Anthony Lopez is now protecting CMS from cybersecurity threats thanks to CyberVets, a skills program that retrains military personnel to help protect and strengthen the federal government’s IT infrastructure.
“The program alone has gotten me here exactly where I want to be, so I owe the program everything,” Lopez said. “During COVID I was slated to retire from the Navy and then a fleetwide message went out asking if we wanted to extend our tours. I re-upped for six months and heard about the SkillsBridge program. The reason CyberVets caught my interest is because I saw it was involved with the Department of Health and Human Services. That was a big, big deal because it is the number two priority on America’s budget behind Social Security.”
Lopez is one of a small but growing number of graduates who have completed CyberVet’s six-month rotational training program and are filling an acute shortage of cybersecurity professionals. In fact, over an eight-year period tracked by industry trade publication Cybersecurity Ventures, the number of unfilled cybersecurity jobs grew by 350 percent, from 1 million positions in 2013 to 3.5 million in 2021. While the gap may finally be leveling off, Cybersecurity Ventures recently predicted the same number of openings will occur between now and 2025.
CMS foresaw the coming shortage of trained cybersecurity professionals four years ago and created the CyberVets program to train veterans with the skills they need to transition to post-military careers. To date, 22 veterans like Lopez have graduated from the CyberVets program since it began.
“All of those employed or supporting CMS are in cybersecurity roles,” says P. Shane Gallagher, PhD, CyberVets program lead. There are a couple of program graduates that are employed in industry but not in cybersecurity. The other graduates employed outside of CMS are in cybersecurity.”
Participants engage in both authentic problem-based and “on the job” cybersecurity training, learning the skills that are required to protect government data and networks.
“The goal of the program is to train generalists,” says Gallagher. “But we try to get all our cohorts familiar with operations as a cybersecurity analyst and then on the policy side to prepare them as an information systems security officer. So when they are done, they have a well-rounded experience. But as they go through this, they also get a chance to experience many types of cybersecurity roles.”
For Lopez, the program’s focus on the role of an Information Systems Security Officer (ISSO) and accompanying certifications were big draws.
“There were specific objectives that were highlighted, including the GIAC cybersecurity certification as part of the graduation process,” he says. “That, to me, was the highest incentive. The GIAC certification alone was roughly $1,500 and the training was $7,000. So I said to myself ‘do not miss this opportunity.’”
Lopez is not alone. In the past year, fellow sailors Justin White and Arlene Pinpin Stevens have also transitioned from the Navy into cybersecurity roles after graduating from CyberVets. Both were impressed by the program’s curriculum and are now supporting CMS as contractors with Iron Vine Security in Washington.
“At my last duty station in Tennessee I started early planning for retirement,” says White, who was stationed aboard several ships during his 20-year Navy career and now works as a penetration tester. “I was interested in IT – any type of technology – and through my research I saw there was a critical gap in cybersecurity that would continue for 20 years. I looked into cybersecurity and what I found was within my interest range and skill set, and I knew I would be relocating from California to Virginia or Maryland because my wife is from Maryland.
“So I put in for it and graduated last September with multiple offers near where I live at the Aberdeen (Md.) Proving Grounds. The skills I’ve learned came 100 percent from the program. I would not have been able to pass the interview or know a quarter of what I know without the CyberVets program.”
Pinpin Stevens’s path to a cybersecurity career was anything but traditional. A native of the Philippines, she served for five years as a military medic while stationed at Walter Reed National Military Medical Center in Bethesda, Md., but had aspired to work in a cybersecurity capacity.
“I was accepted in the Cryptologic Warfare Officer program but did not get through it due to medical reasons,” she says. “I was on the verge of getting medically discharged and my hopes of getting into the cybersecurity field were shot. Then a friend told me about the SkillBridge program, and I saw the CyberVets listing. It is the only program that prepares you for a cybersecurity career.
“I did not expect to get accepted into the program because my background was in biology and nursing. When I enlisted, my request to be assigned in information technology was denied and I was designated as a medic due to my credentials as a registered nurse. CyberVets has the ISSO program that really spoke to me on that level. I was drawn to it. Even if my position is not ISSO, the components that I learned about it prepared me well. I understand what the role of an ISSO is and why we need to test the systems.”
Pinpin Stevens graduated from CyberVets in July and was immediately hired by Iron Vine as a project manager.
Graduates are free to seek employment within any government agency or private industry.
“Because there is such a shortage of cybersecurity professionals, we look at this way – a rising tide floats all boats,” Gallagher says. “So even if they go to industry or another government agency it still supports the cybersecurity workforce. That was one of our goals in developing the program, as well as keeping veterans employed. Our metrics for success are simple: Are they employed and, ideally, are they supporting CMS in some way?”
You can learn more online about CyberVets here and on the program’s LinkedIn page.
A homegrown CMS program is training soon-to-be retired military veterans to protect and strengthen the federal government’s IT infrastructure.
What Does it Take to Become a CyberVet?
The CyberVets SkillBridge program takes place in the last six months of a participant’s active tour of duty. The curriculum begins with a solid foundation in network fundamentals and network security before progressing into more advanced areas such as reverse engineering, threat management, policy, and compliance management.
Participants develop the skills and confidence necessary to explore modern cybersecurity theories through hands-on learning experiences and communicate threats to senior leadership.
Upon successful completion, CyberVet graduates will be:
- Trained in cybersecurity operations, compliance, and policy.
- Certified in GIAC Security Essentials (GSEC).
- Mentored in the CMS work environment and culture.
They will also graduate with an established network and relationships among operators, cyber risk advisors, ISSOs, and management within CMS and elsewhere in government.
“This program doesn’t work in a vacuum,” Gallagher says. “We have to have mentorship and commitment from ISPG. The operations, policy and compliance folks within ISPG are really behind us. They’re working with us and dedicating a part of the contractor support teams to support us in refining and making our curriculum more robust.”