Office of the National Cyber Director - RFI for ideas, inputs, and recommendations
|
Brian Behlendorf
Thought people here might find this of interest. Probably worth multiple responses rather than a SIG-coordinated one, but perhaps worth discussing how a response to this might connect with the goals of this SIG. Brian ---------- Forwarded message
---------
From: Tortora, Paul J. EOP/NCD <Paul.J.Tortora@...> Date: Wed, Oct 5, 2022 at 5:48 AM Subject: Office of the National Cyber Director - RFI for ideas, inputs, and recommendations To: Cc: Stewart Gloster, Camille A. EOP/NCD <Camille.A.Stewart@...>, Nielsen, Suzanne C. EOP/NCD <Suzanne.C.Nielsen@...> Dear Colleagues: As many of you know, the Office of the National Cyber Director is in the initial stages of a collaborative development of a new National Strategy on Cyber Workforce and Education. As part of our wide-reaching plan and in order to gather as much information, ideas, and recommendations for this to be a successful effort, we are seeking best practice insights, ideas, and inputs from stakeholders in the private sector, non-profit organizations, academic institutions, and government in the following areas:
I. Cyber Workforce: Recruitment, Hiring, Career Development, Reskilling, Retention, Statistics & Data II. Diversity, Equity, Inclusion, and Accessibility (DEIA): In the Workforce, and in Training, Education, and Awareness Efforts III. Training, Education, Awareness: Training, Higher Education, K-12 Education, General Cybersecurity education, digital awareness and online safety To reach as much of the nation as possible, we are casting a wide net through a publicly available Request for Information ( Office of the National Cyber Director Requests Your Insight and Expertise on Cyber Workforce, Training, and Education - The White House), and we would welcome your thoughts and experiences on this topic, as well as those from within your organization to provide us with impactful insights and recommendations to share in any of the above or related areas. We want to ensure that we hear from as many voices as possible as we move forward, so should you or your staff have any questions, please feel free to share them with me or Suzanne Nielsen, Director, National Workforce and Education Strategy (suzanne.c.nielsen@... ), and our team will follow up with you as soon as possible. Thank you for your involvement and partnership,
Sincerely,
Paul
Paul J. Tortora Office of the National Cyber Director Executive Office of the President C: 202-881-9625
Jim Zemlin
Executive Director, The Linux Foundation |
|||||||
|
|
|||||||
|
Thanks for sharing Brian! I think this would be something most excellent for the group to have some thoughts on! Do you have a deadline when you’d like comments back to you (I am assuming you’ll be collecting for the OSSF)?
Cheers,
CRob Director of Security Communications Intel Product Assurance and Security
From: openssf-sig-education@... <openssf-sig-education@...>
On Behalf Of Brian Behlendorf
Sent: Tuesday, October 11, 2022 4:15 AM To: openssf-sig-education@... Subject: [openssf-sig-education] Office of the National Cyber Director - RFI for ideas, inputs, and recommendations
Thought people here might find this of interest. Probably worth multiple responses rather than a SIG-coordinated one, but perhaps worth discussing how a response to this might connect with the goals of this SIG. Brian
---------- Forwarded message ---------
Dear Colleagues: As many of you know, the Office of the National Cyber Director is in the initial stages of a collaborative development of a new National Strategy on Cyber Workforce and Education. As part of our wide-reaching plan and in order to gather as much information, ideas, and recommendations for this to be a successful effort, we are seeking best practice insights, ideas, and inputs from stakeholders in the private sector, non-profit organizations, academic institutions, and government in the following areas:
I. Cyber Workforce: Recruitment, Hiring, Career Development, Reskilling, Retention, Statistics & Data II. Diversity, Equity, Inclusion, and Accessibility (DEIA): In the Workforce, and in Training, Education, and Awareness Efforts III. Training, Education, Awareness: Training, Higher Education, K-12 Education, General Cybersecurity education, digital awareness and online safety To reach as much of the nation as possible, we are casting a wide net through a publicly available Request for Information ( Office of the National Cyber Director Requests Your Insight and Expertise on Cyber Workforce, Training, and Education - The White House), and we would welcome your thoughts and experiences on this topic, as well as those from within your organization to provide us with impactful insights and recommendations to share in any of the above or related areas. We want to ensure that we hear from as many voices as possible as we move forward, so should you or your staff have any questions, please feel free to share them with me or Suzanne Nielsen, Director, National Workforce and Education Strategy (suzanne.c.nielsen@... ), and our team will follow up with you as soon as possible. Thank you for your involvement and partnership,
Sincerely,
Paul
Paul J. Tortora Office of the National Cyber Director Executive Office of the President C: 202-881-9625
-- Jim Zemlin
|
|||||||
|
|
|||||||
|
Brian Behlendorf
If this group wants to develop a
response, I can send it into the RFI on OpenSSF letterhead, but
I'll need a week to get legal review on our side (among other
reasons so we stay clear of "lobbying"). It's not going to take a
week's worth of work to review, but I don't control the queue of
items through the LF's legal team, so a week is my safe estimate
of how long that'll take assuming a couple of pages of response
plus work any changes with the SIG. I also can't commit OpenSSF
staff time to collate/organize/make sense of individual responses
into a unified one - it needs to be someone here who can be the
editor.
Brian
On 10/11/22 05:46, Robinson,
Christopher wrote:
-- Brian Behlendorf General Manager, Open Source Security Foundation bbehlendorf@... Twitter: @brianbehlendorf |
|||||||
|
|
|||||||
|
David and I chatted after the BEST working group call today. He and I and many in the group see a lot of value in contributing here. To that end I created this strawman draft(1) for the group to massage and contribute to if we want one response from the SIG. It would be useful to get some guidance on how we want to position the response (is this a list of what we’re doing? Is this a list of proposed contributions to their effort? Is this an invitation for their contributions? Etc.). I know that my company will also be working up a response from their perspective that may touch on the SIG’s efforts, but ultimately be tailored to their interactions with the NCD to date and ongoing.
We’re VERY excited about this opportunity and I welcome the SIG (and other members) to help us craft a most excellent response. I’m glad to help steer this and get it prepped for your side’s legal review. TEAM – please get your thoughts/suggestions/additions/removals/comments in before 16October so we can give the LF team time to do their review.
Thank you all!
Cheers,
CRob Director of Security Communications Intel Product Assurance and Security
From: openssf-sig-education@... <openssf-sig-education@...>
On Behalf Of Brian Behlendorf
Sent: Tuesday, October 11, 2022 11:01 AM To: Robinson, Christopher <christopher.robinson@...> Cc: openssf-sig-education@... Subject: Re: [openssf-sig-education] Office of the National Cyber Director - RFI for ideas, inputs, and recommendations
If this group wants to develop a response, I can send it into the RFI on OpenSSF letterhead, but I'll need a week to get legal review on our side (among other reasons so we stay clear of "lobbying"). It's not going to take a week's worth of work to review, but I don't control the queue of items through the LF's legal team, so a week is my safe estimate of how long that'll take assuming a couple of pages of response plus work any changes with the SIG. I also can't commit OpenSSF staff time to collate/organize/make sense of individual responses into a unified one - it needs to be someone here who can be the editor.
Brian
On 10/11/22 05:46, Robinson, Christopher wrote:
-- Brian Behlendorf General Manager, Open Source Security Foundation bbehlendorf@... Twitter: @brianbehlendorf |
|||||||
|
|
|||||||
|
eric.tice@...
We should discuss this in the Education SIG expand content meeting also?
Respectfully,
From:
Robinson, Christopher <christopher.robinson@...> CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
David and I chatted after the BEST working group call today. He and I and many in the group see a lot of value in contributing here. To that end I created this strawman draft(1) for the group to massage and contribute to if we want one response from the SIG. It would be useful to get some guidance on how we want to position the response (is this a list of what we’re doing? Is this a list of proposed contributions to their effort? Is this an invitation for their contributions? Etc.). I know that my company will also be working up a response from their perspective that may touch on the SIG’s efforts, but ultimately be tailored to their interactions with the NCD to date and ongoing.
We’re VERY excited about this opportunity and I welcome the SIG (and other members) to help us craft a most excellent response. I’m glad to help steer this and get it prepped for your side’s legal review. TEAM – please get your thoughts/suggestions/additions/removals/comments in before 16October so we can give the LF team time to do their review.
Thank you all!
Cheers,
CRob Director of Security Communications Intel Product Assurance and Security
From: openssf-sig-education@... <openssf-sig-education@...>
On Behalf Of Brian Behlendorf
Sent: Tuesday, October 11, 2022 11:01 AM To: Robinson, Christopher <christopher.robinson@...> Cc: openssf-sig-education@... Subject: Re: [openssf-sig-education] Office of the National Cyber Director - RFI for ideas, inputs, and recommendations
If this group wants to develop a response, I can send it into the RFI on OpenSSF letterhead, but I'll need a week to get legal review on our side (among other reasons so we stay clear of "lobbying"). It's not going to take a week's worth of work to review, but I don't control the queue of items through the LF's legal team, so a week is my safe estimate of how long that'll take assuming a couple of pages of response plus work any changes with the SIG. I also can't commit OpenSSF staff time to collate/organize/make sense of individual responses into a unified one - it needs to be someone here who can be the editor.
Brian
On 10/11/22 05:46, Robinson, Christopher wrote:
-- Brian Behlendorf General Manager, Open Source Security Foundation bbehlendorf@... Twitter: @brianbehlendorf
Internal to Wipro |
|||||||
|
|
|||||||
|
Sounds like a great suggestion
Cheers,
CRob Director of Security Communications Intel Product Assurance and Security
From: openssf-sig-education@... <openssf-sig-education@...>
On Behalf Of eric.tice via lists.openssf.org
Sent: Tuesday, October 11, 2022 11:44 AM To: Robinson, Christopher <christopher.robinson@...>; openssf-sig-education@...; bbehlendorf@...; David A. Wheeler <dwheeler@...> Cc: Arnaud Le Hors <lehors@...>; daniel.appelquist@... Subject: Re: [openssf-sig-education] Office of the National Cyber Director - RFI for ideas, inputs, and recommendations
We should discuss this in the Education SIG expand content meeting also?
Respectfully,
From:
Robinson, Christopher <christopher.robinson@...> CAUTION:This email is received from an external domain. Open the hyperlink(s) & attachment(s) with caution.
David and I chatted after the BEST working group call today. He and I and many in the group see a lot of value in contributing here. To that end I created this strawman draft(1) for the group to massage and contribute to if we want one response from the SIG. It would be useful to get some guidance on how we want to position the response (is this a list of what we’re doing? Is this a list of proposed contributions to their effort? Is this an invitation for their contributions? Etc.). I know that my company will also be working up a response from their perspective that may touch on the SIG’s efforts, but ultimately be tailored to their interactions with the NCD to date and ongoing.
We’re VERY excited about this opportunity and I welcome the SIG (and other members) to help us craft a most excellent response. I’m glad to help steer this and get it prepped for your side’s legal review. TEAM – please get your thoughts/suggestions/additions/removals/comments in before 16October so we can give the LF team time to do their review.
Thank you all!
Cheers,
CRob Director of Security Communications Intel Product Assurance and Security
From:
openssf-sig-education@... <openssf-sig-education@...>
On Behalf Of Brian Behlendorf
If this group wants to develop a response, I can send it into the RFI on OpenSSF letterhead, but I'll need a week to get legal review on our side (among other reasons so we stay clear of "lobbying"). It's not going to take a week's worth of work to review, but I don't control the queue of items through the LF's legal team, so a week is my safe estimate of how long that'll take assuming a couple of pages of response plus work any changes with the SIG. I also can't commit OpenSSF staff time to collate/organize/make sense of individual responses into a unified one - it needs to be someone here who can be the editor.
Brian
On 10/11/22 05:46, Robinson, Christopher wrote:
-- Brian Behlendorf General Manager, Open Source Security Foundation bbehlendorf@... Twitter: @brianbehlendorf
'The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com' Internal to Wipro |
|||||||
|
|
