82 FR 32172 - Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure: Workforce Development
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology Federal Register Volume 82, Issue 132 (July 12, 2017)
National Institute of Standards and Technology
Federal Register Volume 82, Issue 132 (July 12, 2017)
| Page Range | 32172-32174 | |
| FR Document | 2017-14553 |
[Federal Register Volume 82, Number 132 (Wednesday, July 12, 2017)] [Notices] [Pages 32172-32174] From the Federal Register Online [www.thefederalregister.org] [FR Doc No: 2017-14553] ----------------------------------------------------------------------- DEPARTMENT OF COMMERCE National Institute of Standards and Technology [Docket Number 170627596-7596-01] Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure: Workforce Development AGENCY: National Institute of Standards and Technology (NIST), Department of Commerce. ACTION: Notice; Request for Information (RFI). ----------------------------------------------------------------------- SUMMARY: Executive Order 13800, ``Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure'' (the ``Executive Order''), directs the Secretary of Commerce, in conjunction with the Secretary of Homeland Security, and in consultation [[Page 32173]] with other Federal Departments and Agencies, to assess the scope and sufficiency of efforts to educate and train the American cybersecurity workforce of the future, including cybersecurity-related education curricula, training, and apprenticeship programs, from primary through higher education; and provide a report to the President with findings and recommendations regarding how to support the growth and sustainment of the Nation's cybersecurity workforce in both the public and private sectors. The National Institute of Standards and Technology (NIST) is seeking information on the scope and sufficiency of efforts to educate and train the Nation's cybersecurity workforce and recommendations for ways to support and improve that workforce in both the public and private sectors. Responses to this RFI--which will be posted at https://nist.gov/nice/cybersecurityworkforce--will inform the assessment and report of the Secretaries of Commerce and Homeland Security to the President. DATES: Comments must be received by 5 p.m. Eastern time on August 2, 2017. ADDRESSES: Online submissions in electronic form may be sent to [email protected]. Please include the subject heading of ``Cybersecurity Workforce RFI''. Attachments to electronic comments will be accepted in Microsoft Word or Excel, or Adobe PDF formats only. Written comments may be submitted by mail to Cybersecurity Workforce RFI, National Institute of Standards and Technology, 100 Bureau Drive, Stop 2000, Gaithersburg, MD 20899. Comments containing references, studies, research, and other empirical data that are not widely published should include copies or electronic links of the referenced materials. All submissions, including attachments and other supporting materials, will become part of the public record and subject to public disclosure. Sensitive personal information, such as account numbers or Social Security numbers, or names of other individuals, should not be included. Submissions will not be edited to remove any identifying or contact information. Do not submit confidential business information, or otherwise sensitive or protected information. Please do not submit additional materials. All comments received in response to this RFI will be made available at https://nist.gov/nice/cybersecurityworkforce without change or redaction, so commenters should not include information they do not wish to be posted (e.g., personal or confidential business information). Comments that contain profanity, vulgarity, threats, or other inappropriate language will not be posted or considered. FOR FURTHER INFORMATION CONTACT: For questions about this RFI, contact: Danielle Santos at 301-975-5048 or Danielle.Santos[email protected]. Please direct media inquiries to the NIST Public Affairs Office at 301-975- 2762 or [email protected]. SUPPLEMENTARY INFORMATION: Executive Order 13800 of May 11, 2017, ``Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,'' directs the Secretary of Commerce and the Secretary of Homeland Security to consult with the Secretaries of Defense, Labor, and Education, the Director of the Office of Management and Budget, and other agencies identified jointly by the Secretary of Commerce and the Secretary of Homeland Security, in conducting an assessment and making recommendations regarding the nation's cybersecurity workforce.\1\ Specifically, these departments are to: --------------------------------------------------------------------------- \1\ Exec. Order No. 13800, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, 82 FR 22391 (May 16, 2017). --------------------------------------------------------------------------- (A) ``jointly assess the scope and sufficiency of efforts to educate and train the American cybersecurity workforce of the future, including cybersecurity-related education curricula, training, and apprenticeship programs, from primary through higher education; and'' (B) ``within 120 days of this order, provide a report to the President through the Assistant to the President for Homeland Security and Counterterrorism, with findings and recommendations regarding how to support the growth and sustainment of the Nation's cybersecurity workforce in both the public and private sectors.'' \2\ --------------------------------------------------------------------------- \2\ https://www.federalregister.gov/d/2017-10004. --------------------------------------------------------------------------- The Commerce Department's National Institute of Standards and Technology is soliciting comments from the public that will aid the Department of Commerce (DOC) and the Department of Homeland Security (DHS) in preparing the assessment and report to the President. For the purposes of this RFI, ``education and training'' of the American cybersecurity workforce does not include general workforce cybersecurity awareness efforts. Rather, ``education and training'' refers to curriculum- or practicum-based programs to increase the effectiveness of the workforce addressing cybersecurity challenges. As the Executive Order states, comments are sought on the cybersecurity workforce in both the private and public sectors. NIST may conduct workshops to gain further public input to the assessment and recommendations regarding the cybersecurity workforce. Information will be made available at https://nist.gov/nice/cybersecurityworkforce. This RFI does not address additional aspects of the cybersecurity workforce that are included in the Executive Order. Request for Information Given the nature and importance of the Executive Order, NIST requests information from the public about current, planned, or recommended education and training programs aimed at strengthening the U.S. cybersecurity workforce. Respondents are encouraged--but are not required--to respond to each question and to present their answers after each question. The following questions cover the major areas about which NIST seeks comment. They are not intended to limit the topics that may be addressed. Respondents may address related topics and may organize their submissions in response to this RFI in any manner. Responses may include estimates; please indicate where the response is an estimate. All responses that comply with the requirements listed in the DATES and ADDRESSES sections of this RFI will be considered. Comments containing references, studies, research, and other empirical data that are not widely published should include copies or electronic links of the referenced materials. Do not include in comments or otherwise submit proprietary or confidential information, as all comments received in response to this RFI will be made available publicly at https://nist.gov/nice/cybersecurityworkforce. Comments that contain profanity, vulgarity, threats, or other inappropriate language will not be posted or considered. General Information 1. Are you involved in cybersecurity workforce education or training (e.g., curriculum-based programs)? If so, in what capacity (including, but not limited to: Community college or university faculty or administrator; official with a non-profit association focused on cybersecurity workforce needs; manufacturer or service company that relies on cybersecurity employees; cybersecurity curriculum developer; cybersecurity training institute; educator in a primary grade school; government agency that provides [[Page 32174]] funding for cybersecurity education; or student or employee enrolled in a cybersecurity education or training program)? Note: Providing detailed information, including your specific affiliation is optional and will be made publicly available. Commenters should not include information they do not wish to be posted (e.g., personal or confidential business information) and are strongly encouraged not to include Personally Identifiable Information in their submissions. Growing and Sustaining the Nation's Cybersecurity Workforce 1. What current metrics and data exist for cybersecurity education, training, and workforce developments, and what improvements are needed in the collection, organization, and sharing of information about cybersecurity education, training, and workforce development programs? 2. Is there sufficient understanding and agreement about workforce categories, specialty areas, work roles, and knowledge/skills/ abilities? 3. Are appropriate cybersecurity policies in place in your organization regarding workforce education and training efforts and are those policies regularly and consistently enforced? 4. What types of knowledge or skills do employers need or value as they build their cybersecurity workforce? Are employer expectations realistic? Why or why not? Are these expectations in line with the knowledge and skills of the existing workforce or student pipeline? How do these types of knowledge and skills vary by role, industry, and sector, (e.g., energy vs financial sectors)? 5. Which are the most effective cybersecurity education, training, and workforce development programs being conducted in the United States today? What makes those programs effective? What are the goals for these programs and how are they successful in reaching their goals? Are there examples of effective/scalable cybersecurity, education, training, and workforce development programs? 6. What are the greatest challenges and opportunities facing the Nation, employers, and workers in terms of cybersecurity education, training, and workforce development? 7. How will advances in technology (e.g., artificial intelligence, Internet of Things, etc.) or other factors affect the cybersecurity workforce needed in the future? How much do cybersecurity education, training, and workforce development programs need to adapt to prepare the workforce to protect modernized cyber physical systems (CPS)? 8. What steps or programs should be continued, modified, discontinued, or introduced to grow and sustain the Nation's cybersecurity workforce, taking into account needs and trends? What steps should be taken: i. At the Federal level? ii. At the state or local level, including school systems? iii. By the private sector, including employers? iv. By education and training providers? v. By technology providers? Kevin Kimball, NIST Chief of Staff. [FR Doc. 2017-14553 Filed 7-11-17; 8:45 am] BILLING CODE 3510-13-P
![32172 Federal Register / Vol. 82, No. 132 / Wednesday, July 12, 2017 / Notices
subject to this review. For any Cash Deposit Requirements Failure to comply with the regulations
individually examined respondent The following cash deposit and terms of an APO is a violation
whose weighted-average dumping requirements will be effective upon which is subject to sanction.
margin is above de minimis (i.e., 0.50 publication of these final results of This notice of the final results of this
percent), the Department will calculate review for shipments of the subject antidumping duty administrative review
importer- (or customer)-specific merchandise from the PRC entered, or is issued and published in accordance
assessment rates for merchandise withdrawn from warehouse, for with sections 751(a)(1) and 777(i) of the
subject to this review. Where the consumption on or after the publication Act and 19 CFR 351.213 and 19 CFR
respondent reported reliable entered date, as provided by section 751(a)(2)(C) 351.221(b)(5).
values, the Department calculated of the Act: (1) For the companies listed Dated: July 5, 2017.
importer- (or customer)-specific ad above the cash deposit rate will be their Carole Showers,
valorem rates by aggregating the respective rate established in the final Executive Director, Office of Policy,
dumping margins calculated for all U.S. results of this review; (2) for previously performing the duties of the Deputy Assistant
sales to the importer- (or customer) and investigated PRC and non-PRC exporters Secretary for Enforcement and Compliance.
dividing this amount by the total not listed above that have separate rates,
the cash deposit rate will continue to be Appendix—List of Topics Discussed in
entered value of the sales to the the Issues and Decision Memorandum
importer- (or customer).14 Where the the exporter-specific rate published for
Department calculated an importer- (or the most recent period; (3) for all PRC Summary
exporters of subject merchandise which Background
customer)-specific weighted-average Scope of the Order
dumping margin by dividing the total have not been found to be entitled to a
separate rate, the cash deposit rate will List of Abbreviations and Acronyms
amount of dumping for reviewed sales Discussion of the Issues
be the rate for the PRC-wide entity (i.e.,
to the importer- (or customer) by the Comment 1: Scope of the Order
165.04 percent); and (4) for all non-PRC
total sales quantity associated with (A) The Scope of the Order Is Unlawful
exporters of subject merchandise which (B) The Final Scope Determination Does
those transactions, the Department will have not received their own rate, the
direct CBP to assess importer- (or Not Apply Retroactively
cash deposit rate will be the rate Comment 2: CVD Export Subsidies
customer)-specific assessment rates applicable to the PRC exporter that Comment 3: Use of Zero Import Quantity
based on the resulting per-unit rates.15 supplied that non-PRC exporter. These Comment 4: Use of Differential Pricing
Where an importer- (or customer)- deposit requirements, when imposed, Analysis
specific ad valorem or per-unit rate is shall remain in effect until further Comment 5: Surrogate Value for Aluminum
greater than de minimis, the Department notice. Frames
will instruct CBP to collect the Comment 6: Surrogate Value for Scrap
appropriate duties at the time of Disclosure Modules
We intend to disclose the calculations Comment 7: Exclusion of Certain Sales in the
liquidation. Where either the Calculation of Dumping Margin
respondent’s weighted average dumping performed for these final results within Comment 8: Warranty Expenses
margin is zero or de minimis, or an five days of publication of this notice in Comment 9: Debt Restructuring Income
importer (or customer-) specific ad the Federal Register in accordance with Comment 10: Surrogate Value for Module
valorem or per-unit rate is zero or de 19 CFR 351.224(b). Glass
minimis, the Department will instruct Notification to Importers Regarding the Comment 11: Selection of Financial
CBP to liquidate appropriate entries Statements
Reimbursement of Duties Comment 12: JA Solar Technology Co., Ltd.’s
without regard to antidumping duties.16 This notice also serves as a final No Shipments Claim
For merchandise whose sale/entry reminder to importers of their [FR Doc. 2017–14611 Filed 7–11–17; 8:45 am]
was not reported in the U.S. sales responsibility under 19 CFR BILLING CODE 3510–DS–P
database submitted by an exporter 351.402(f)(2) to file a certificate
individually examined during this regarding the reimbursement of
review, but that entered under the case antidumping duties prior to liquidation DEPARTMENT OF COMMERCE
number of that exporter (i.e., at the of the relevant entries during this
individually-examined exporter’s cash review period. Failure to comply with National Institute of Standards and
deposit rate), the Department will this requirement could result in the Technology
instruct CBP to liquidate such entries at Department’s presumption that [Docket Number 170627596–7596–01]
the PRC-wide rate. Additionally, if the reimbursement of antidumping duties
Department determines that an exporter occurred and the subsequent assessment Strengthening the Cybersecurity of
under review had no shipments of the of double antidumping duties. Federal Networks and Critical
subject merchandise, any suspended Notification Regarding Administrative Infrastructure: Workforce Development
entries that entered under that Protective Orders (APO) AGENCY: National Institute of Standards
exporter’s case number will be
This notice also serves as a reminder and Technology (NIST), Department of
liquidated at the PRC-wide rate.17 to parties subject to APO of their Commerce.
responsibility concerning the return or ACTION: Notice; Request for Information
14 See 19 CFR 351.212(b)(1).
asabaliauskas on DSKBBXCHB2PROD with NOTICES
15 Id.
destruction of proprietary information (RFI).
16 See Antidumping Proceedings: Calculation of
disclosed under APO in accordance
the Weighted-Average Dumping Margin and with 19 CFR 351.305, which continues SUMMARY: Executive Order 13800,
Assessment Rate in Certain Antidumping Duty to govern business proprietary ‘‘Strengthening the Cybersecurity of
Proceedings; Final Modification, 77 FR 8101, 8103 information in this segment of the Federal Networks and Critical
(February 14, 2012). proceeding. Timely written notification Infrastructure’’ (the ‘‘Executive Order’’),
17 See Non-Market Economy Antidumping
Proceedings: Assessment of Antidumping Duties, 76
of the return or destruction of APO directs the Secretary of Commerce, in
FR 65694 (October 24, 2011), for a full discussion materials, or conversion to judicial conjunction with the Secretary of
of this practice. protective order, is hereby requested. Homeland Security, and in consultation
VerDate Sep<11>2014 17:54 Jul 11, 2017 Jkt 241001 PO 00000 Frm 00013 Fmt 4703 Sfmt 4703 E:\FR\FM\12JYN1.SGM 12JYN1](https://thefederalregister.org/doc/82_FR_32304/page/1.svg)
![32174 Federal Register / Vol. 82, No. 132 / Wednesday, July 12, 2017 / Notices
funding for cybersecurity education; or 8. What steps or programs should be Regulations at 50 CFR 660.704 require
student or employee enrolled in a continued, modified, discontinued, or that all commercial fishing vessels with
cybersecurity education or training introduced to grow and sustain the permits issued under authority of the
program)? Note: Providing detailed Nation’s cybersecurity workforce, taking National Marine Fishery Service’s
information, including your specific into account needs and trends? What (NMFS) Fishery Management Plan for
affiliation is optional and will be made steps should be taken: United States (U.S.) West Coast Highly
publicly available. Commenters should i. At the Federal level? Migratory Species Fisheries display the
not include information they do not ii. At the state or local level, including vessel’s official number (U.S. Coast
wish to be posted (e.g., personal or school systems? Guard documentation number or state
confidential business information) and iii. By the private sector, including registration number). The numbers must
are strongly encouraged not to include employers? be of a specific size and format and
Personally Identifiable Information in iv. By education and training located at specified locations. The
their submissions. providers? official number must be affixed to each
v. By technology providers? vessel subject to this section in block
Growing and Sustaining the Nation’s
Cybersecurity Workforce Kevin Kimball, Arabic numerals at least 10 inches
NIST Chief of Staff.
(25.40 centimeters) in height for vessels
1. What current metrics and data exist more than 25 feet (7.62 meters) but
for cybersecurity education, training, [FR Doc. 2017–14553 Filed 7–11–17; 8:45 am]
equal to or less than 65 feet (19.81
and workforce developments, and what BILLING CODE 3510–13–P
meters) in length; and 18 inches (45.72
improvements are needed in the centimeters) in height for vessels longer
collection, organization, and sharing of than 65 feet (19.81 meters) in length.
information about cybersecurity DEPARTMENT OF COMMERCE
Markings must be legible and of a color
education, training, and workforce that contrasts with the background. The
development programs? National Oceanic and Atmospheric
display of the identifying number aids
2. Is there sufficient understanding Administration Proposed Information in fishery law enforcement. This
and agreement about workforce Collection; Comment Request; West requirement does not apply to
categories, specialty areas, work roles, Coast Region Vessel Identification recreational charter vessels.
and knowledge/skills/abilities? Requirements
3. Are appropriate cybersecurity II. Method of Collection
policies in place in your organization AGENCY: National Oceanic and The vessels’ official numbers are
regarding workforce education and Atmospheric Administration (NOAA), displayed on the vessels.
training efforts and are those policies Commerce.
regularly and consistently enforced? ACTION: Notice. III. Data
4. What types of knowledge or skills
OMB Control Number: 0648–0361.
do employers need or value as they SUMMARY: The Department of
Form Number(s): None.
build their cybersecurity workforce? Are Commerce, as part of its continuing
employer expectations realistic? Why or Type of Review: Regular submission
effort to reduce paperwork and
why not? Are these expectations in line (extension of a current information
respondent burden, invites the general
with the knowledge and skills of the collection).
public and other Federal agencies to
existing workforce or student pipeline? comment on proposed and/or Affected Public: Business or other for-
How do these types of knowledge and continuing information collections, as profit organizations.
skills vary by role, industry, and sector, required by the Paperwork Reduction Estimated Number of Respondents:
(e.g., energy vs financial sectors)? Act of 1995. 1700.
5. Which are the most effective Estimated Time per Response: All but
DATES: Written comments must be
cybersecurity education, training, and purse seine vessels, 45 minutes; purse
submitted on or before September 11,
workforce development programs being seine vessels, 1 hour, 15 minutes.
2017.
conducted in the United States today? Estimated Total Annual Burden
What makes those programs effective? ADDRESSES: Direct all written comments Hours: 1,325 hours.
What are the goals for these programs to Jennifer Jessup, Departmental Estimated Total Annual Cost to
and how are they successful in reaching Paperwork Clearance Officer, Public: $13,250.
their goals? Are there examples of Department of Commerce, Room 6616,
14th and Constitution Avenue NW., IV. Request for Comments
effective/scalable cybersecurity,
education, training, and workforce Washington, DC 20230 (or via the Comments are invited on: (a) Whether
development programs? Internet at pracomments@doc.gov). the proposed collection of information
6. What are the greatest challenges FOR FURTHER INFORMATION CONTACT: is necessary for the proper performance
and opportunities facing the Nation, Requests for additional information or of the functions of the agency, including
employers, and workers in terms of copies of the information collection whether the information shall have
cybersecurity education, training, and instrument and instructions should be practical utility; (b) the accuracy of the
workforce development? directed to Shannon Penna, National agency’s estimate of the burden
7. How will advances in technology Marine Fisheries Service (NMFS), West (including hours and cost) of the
Coast Region (WCR) Long Beach Office,
asabaliauskas on DSKBBXCHB2PROD with NOTICES
(e.g., artificial intelligence, Internet of proposed collection of information; (c)
Things, etc.) or other factors affect the 501 West Ocean Blvd., Suite 4200, Long ways to enhance the quality, utility, and
cybersecurity workforce needed in the Beach, CA 90802, (562) 980–4238 or clarity of the information to be
future? How much do cybersecurity shannon.penna@noaa.gov. collected; and (d) ways to minimize the
education, training, and workforce SUPPLEMENTARY INFORMATION: burden of the collection of information
development programs need to adapt to on respondents, including through the
prepare the workforce to protect I. Abstract use of automated collection techniques
modernized cyber physical systems This request is for extension of a or other forms of information
(CPS)? current information collection. technology.
VerDate Sep<11>2014 17:54 Jul 11, 2017 Jkt 241001 PO 00000 Frm 00015 Fmt 4703 Sfmt 4703 E:\FR\FM\12JYN1.SGM 12JYN1](https://thefederalregister.org/doc/82_FR_32304/page/3.svg)
Document Created: 2017-07-12 03:00:29
Document Modified: 2017-07-12 03:00:29
| Category | Regulatory Information | |
| Collection | Federal Register | |
| sudoc Class | AE 2.7: GS 4.107: AE 2.106: | |
| Publisher | Office of the Federal Register, National Archives and Records Administration | |
| Section | Notices | |
| Action | Notice; Request for Information (RFI). | |
| Dates | Comments must be received by 5 p.m. Eastern time on August 2, 2017. | |
| Contact | For questions about this RFI, contact: Danielle Santos at 301-975-5048 or [email protected] Please direct media inquiries to the NIST Public Affairs Office at 301-975- 2762 or [email protected] | |
| FR Citation | 82 FR 32172 |
2025 Federal Register | Disclaimer | Privacy Policy
USC | CFR | eCFR