Advertisement

Maryland to train 100 state workers in cybersecurity

"Everyone in IT has to be a cyber person," Maryland CISO Chip Stewart said of a program that will fund cyber training for 100 state workers.
workspace
(Getty Images)

With recruitment and retention concerns dominating the state-government IT community, Maryland officials said this week that a workforce development program will fund cybersecurity training for up to 100 state technology employees.

The EARN Maryland program, run by the state Department of Labor, will send selected employees to the Baltimore Cyber Range for basic or advanced cybersecurity courses. The training is being overseen by the Maryland Department of Information Technology, which is aiming to involve more tech workers across state government in incident response or risk assessment and security architecture.

Chip Stewart, the state’s chief information security officer, told StateScoop he hopes to find 50 candidates each for the two tracks. The more basic track is open to IT workers in any state agency who’ve expressed interest in picking up cyber skills and have at least one year on the job, he said.

“How do we turn them into a cybersecurity person?” Stewart said. “Not an elite hacker or expert, but someone who can help support cyber operations.”

Advertisement

Employees on that track will take about four weeks of classes, after which they’ll be able to play support roles in security operations centers. Stewart said it’s urgent that as many IT pros as possible gain security experience.

“Everyone in IT has to be a cyber person,” he said. “Cybersecurity is a team sport, but it’s so cheesy. Everyone contributes to the posture. If the IT people can be first responders, they can identify if something bad is happening and know how to report effectively. It helps minimize the risk.”

The more advanced track, Stewart said, is for employees who’ve had at least five years of experience in IT or cybersecurity and want to become Certified Information Systems Security Professionals, an industry credential that requires coursework and an exam.

“My hope anyone in a technology leadership role would do this,” he said.

A state CISO survey published earlier this month found many of Stewart’s colleagues nationwide are worrying about their ability to hire new workers. Melissa Leaman, Maryland’s assistant secretary of finance and administration, said recently that in addition to the private sector, the state faces competition in the labor market from the federal government, Virginia and the District of Columbia.

Advertisement

Stewart said the situation’s not quite as severe in his own office, but that the new training program could fill gaps.

“I think everyone’s bought into the mission we have,” he said. “You’re protecting the systems that support your home. The next step for us is establishing a program that helps raise the collective cyber capability of the state across the workforce.”

Stewart said within a day of the training opportunity being announced to state workers, he’d even gotten interest from people working outside of technology.

“I got a call from a woman who is not an IT worker and was interested,” he said. “I said the first thing you need to do is get into IT. We’re going to get her looking at IT jobs. Let’s get her that first year of experience.”

Benjamin Freed

Written by Benjamin Freed

Benjamin Freed was the managing editor of StateScoop and EdScoop, covering cybersecurity issues affecting state and local governments across the country. He wrote extensively about ransomware, election security and the federal government’s role in assisting states and cities with information security.

Latest Podcasts