[Technical Initiative Funding Request]: Cybersecurity Workforce Development (Education Focus) #343
Comments
|
Thanks for taking the time to submit this TI funding request. A few questions:
|
|
Thank you for the thoughtful response.
Response: Yes, this is only a one-time request. Thank you for clarifying, there is no expectation of recurring funds regarding this request. Yes, this is request is planned for Fall 2024.
Response: Yes, if the program is successful this would be the intent. We would seek to utilize the successes from this to expand to other educational entities (This may include other educational entities such as: HBCUs, Community Colleges, Technical/Trade Schools, "Girls Who Code", Codebar, Code2040, and other similar organizations to learners).
Response: An estimate shared from the leadership at the school has been 40. The 34 scholarships estimate is from the 83%+ economically disadvantaged student population.
Response: There are a few different approaches to this that was discussed with the school's leadership (IT Program) previously. This was conceptualized as occurring throughout the 10-week instruction and encouraged by the instructor. Self-Reviewed after TAC meeting on 06/11/2024 Edited on 06/11/2024 to allow reading the responses easier and potentially save time of the reader by bolding each Response: word and colon to Response:. |
|
Thanks, I'm supportive of this funding request. |
github-project-automation
bot
moved this to Submitted
in OpenSSF TI Funding Project Board
|
Request Summary One Page Summary Summary of Request Infographic (Multiple PowerPoints) Example of Deliverables Reporting Process Deliverables.Report.Monthly.Updates.pdf May include Working Groups that request inclusion from Education SIG SOW Sample This sample shows a sample of the PWS including the deliverables of the entire Performance Work Statement. To request the Performance Work Statement that contains entire PWS documentation, please review our instructions (URL 1) regarding the submission of a request to our Git Account (URL 2) URL 1: https ://github.com/CyberEducators/Request-For-Additional-Information If utilizing copy and paste of URL, remove space after https to access the URL(s) from the hyperlinks. |
|
Hello, and thanks for submitting this funding request! As you heard on the TAC call earlier today, we're early in the process of funding work in OpenSSF Technical Initiatives (TIs) and so there's still some process bumps we're trying to work out. I think the main question I have with this request is what OpenSSF TI is submitting this request? Are you affiliated with the Education SIG? It looks like your account is newly created, so it's not clear what your affiliation is. It looks like your budget request summary is requesting $75,000. At the very least, this would require the Education SIG (or whatever TI you're affiliated with) to have a defined lifecycle phase (and probably a pretty mature one) to request that level of funding. |
marcelamelara
moved this from Submitted
to Under TAC review
in OpenSSF TI Funding Project Board
|
@CyberEducators Thanks for submitting this funding request! Was this request presented by Tom Ritter at the DEI WG meeting on 6/4/2024? If so, I unfortunately vote to reject this request in Q2. Per our discussion during that meeting, the WG would not support this funding request because this effort isn't affiliated with the WG or the OpenSSF. As we explained during last week's call and as @steiza described above, only officially affiliated TIs that have gone through the lifecycle process are currently eligible for this type of funding. All that said, I'd love for this kind of effort to participate in the OpenSSF and grow a community around it. Either the Education SIG or DEI WG would be great spaces to host a possible TI here, so I strongly encourage this team to become regular participants in one of these TIs, and maybe become its own TI some time. |
|
@steiza This was requested to the Education SIG’s with their support of the budget request. This includes the budget requested to complete the objectives/goals/metrics included. This budget request is regarding this previous request that received guidance to submit through the new process that was recently approved (The Technical Initiative Funding Process). |
|
Thank you for the invitation and interest in the effort. To clarify, our anticipated community involvement includes collaboration throughout, reporting of metrics achievement included in this budget request, and the relevant deliverables. |
|
Our TI Funding Process is meant to support our Technical Initiatives. The fact that the @CyberEducators account was just created a few days ago seems to indicate that this isn't coming from one of our TIs. On that basis, I don't think this request is acceptable. This doesn't mean that there is no value in the proposal in itself but I would note that we don't even have any evidence that whoever is behind the account has the credentials necessary to fulfill the proposal if the request were granted. |
@SecurityCRob / @CyberEducators
Thanks! |
Appreciate the response regarding your concerns. It may be helpful to clarify regarding this. The PWS/SOW includes a requested payment schedule that would require the approval of deliverables from the LF/OpenSSF representative after an agreement is reached between LF/OpenSSF and the legal entity tasked with the deliverables. Out of consideration of the credentialed person(s) privacy, the verification of their credentials to reference has been anticipated up to this point to occur during the process of reaching a legal agreement between LF/OpenSSF and the legal entity tasked with the deliverables. |
Can you talk about how this idea has evolved in the BEST Working Group, Education Special Interest Group? Response: Over the past few years, this has continued to progress and has been awaiting funding availability. Is this idea something that the Education SIG has been wanting do (from this TAC issue about funding that didn't materialize from the mobilization plan a couple years ago? #189) pending funding? Response: Yes. Is the requestor a community member participant in OSSF Education SIG community over the past couple years? Response: At various times over the past few years, there was attendance by the requestor that resulted in previous budget requests. |
steiza
added
TI Funding Request
|
I do not support this funding request for this funding cycle. It's not clear to me that this proposal was made in conjunction with the Education SIG, but even if it was, a pre-requisite for the funding would be for the Education SIG to have an established lifecycle stage in https://github.com/ossf/tac/tree/main/process/sig-lifecycle-documents. |
|
I appreciate the clarifications @CyberEducators . Unfortunately, sporadic engagement with the OpenSSF community over a few years, as you indicated above, to me doesn't signal that this effort has a community behind it, nor that it has strong endorsement by the EDU.SIG. I would really like to see consistent involvement with the EDU.SIG, the BEST WG or the DEI WG and for this effort I vote to reject. |
Transparency, rapport, and trust are at the core of the work we do. It’s difficult for me to see how our working groups could endorse this, and I would personally strongly oppose it solely on the grounds of the secretive nature surrounding this request and the associated account. This also reads like a vendor soliciting the OpenSSF TAC to procure its services and that's not how it works. |
|
I can only agree with @ctcpip. Our funding process isn't meant to be a call for proposals from service providers. |
|
For Q2 the consensus I get from the TAC is that this proposal needs more development and consistent engagement within a TI (probably the BEST WG). Once members from that group work with the proposer to ensure more involvement with the WG membership and broader review, the TAC could reconsider this. The proposal has merit, but at this stage feels very disconnected from our groups and processes. |
|
@SecurityCRob Thank you for a summary regarding the responses, it seems similar to my interpretation of the TAC's responses. It's clear that this proposition/request is directly correlated to the Education SIG & relevant WGs and processes. Such as: multiple monthly meetings to work with the community to reach goals/objectives/etc., exchange information to reach objectives set by the organization, and use of this site to post information. One example of the budget request team's processes directly associated with the Education SIG's and relevant WGs processes: There may be a difference in the preference of terminology and words used to describe the work. Would it be possible to share some clarification? For example, will it be necessary to require the OpenSSF organization's time and continued time commitment of our organization(s) to attend the relevant SIGs & WGs for multiple meetings recurringly to accomplish tasks that may include the replacement of words with "Collaboration on an ongoing basis to fulfill the needs of the organization directly correlated to the objectives set fourth" rather than "Reporting of Deliverables Twice Monthly (Before each Education SIG Meeting)" and replace "PM" with "Chair of WG or Equivalent". There may be more similarities that require clarification into the terminology of the OpenSSF organization's preferred communication style, this is something we would be very willing support with the team member that begins support after a budget request is approved. |
|
/vote |
Vote created@riaankleinhans has called for a vote on The members of the following teams have binding votes:
Non-binding votes are also appreciated as a sign of support! How to voteYou can cast your vote by reacting to
Please note that voting for multiple options is not allowed and those votes won't be counted. The vote will be open for |
|
Gitvote was added as a tool to test for stream lining the TI Funding process. Community members can show their support by also voting, however only the "TAC" GH Group's votes will count. The current passing threshold is 70% and the committee is the TAG GH group. All these parameters can by fine tuned or changed here |
@CyberEducators @SecurityCRob Can you please share updates/indicators for more engagement with the EDU SIG or BEST WG since Q2? |
|
On 17Sept a quorum of the TAC met to discuss the pending Q3 TI Funding Requests. All in attendance expressed concern around the lack of working group and sig engagement and collaboration on this request. This request does not meet with our current goals, and perhaps would be better offered to LF Education. This request is not approved. |
riaankleinhans
moved this from Needs Refinement
to Declined
in OpenSSF TI Funding Project Board
Vote statusSo far Summary
Binding votes (0)
|
1 similar comment
Vote statusSo far Summary
Binding votes (0)
|
|
/cancel-vote |
Vote cancelled@lehors has cancelled the vote in progress in this issue. |
Problem Statement
Talent shortage of cybersecurity professionals
Demand exceeds supply within the cybersecurity workforce, as cited by numerous statistics and studies in recent years 1 , 2, 3) leading to an increased in emphasis on cybersecurity education to fulfill the workforce needs.
Time Scarcity of Cybersecurity Professionals for Educating
The workforce demand exceeding supply of cybersecurity talent leads to a continuous and compounding problem resulting from a lack of resources (including availability of time from credentialed cybersecurity professionals) to assist with education of persons furthering education in cybersecurity disciplines.
*Those most motivated to receive cybersecurity education may have financial impediments to continuing their education necessary to maintain cybersecurity skills. *
Who does this affect?
All participating Open-Source communities, OpenSSF Team, Linux Foundation, young software engineers, those seeking to further education in cybersecurity principles, and economically disadvantaged persons (including students) seeking to further their understanding of cybersecurity principles and developing secure software by design.
Have there been previous attempts to solve this problem?
Yes, there have been many attempts to solve for this/these problem(s). Some have been successful, however the scale of this problem and the issues attributed to the availability of time from credentialed cybersecurity professionals. This frequently results from the constrained resources of the cybersecurity workforce (Time in high demand of cybersecurity professionals and minimal availability). The numbers indicate a demand from industry for more cybersecurity professionals and a resulting demand on the resource (time) necessary to upskill, mentor, and educate technologists and software developers in cybersecurity.
Our approach is to apply resources we have available to work alongside the existing education system to encourage people interested in cybersecurity to increase their education in cybersecurity principals, including those that may be deemed as economically disadvantaged with difficulties attaining the resources to receive education on the subject matter.
Why it should be accomplished now by this TI?
The cybersecurity workforce demand is significant. Further collaboration with the education system will enable an increase to the cybersecurity skillsets of students with interest in software, those already skilled in software development principals, and further the reach of cybersecurity education to persons that are deemed as economically disadvantaged.
What is required to make the funding initiative happen?
Attachment A includes what needs accomplishment and funding that is requested/necessary for each objective achievement.
Resources needed include:
Lead Educator
Prepares the live instruction being delivered throughout the scheduled 10-weeks to students enrolled.
Experience: 15+ years of cybersecurity experience, experience cybersecurity education in live instruction
In-Person Educator
Provides in-person mentorship and assistance to students enrolled at the educational entity to ensure all students are progressing through the course, including those that may be learning the information for the first time.
Works on refining the deliverables and confirms the best practices to educate LFD 121 students of the demographic reached. Includes observations, frequently asked questions, and recommendations regarding what leads to success with the demographics of students receiving the cybersecurity education.
Experience: 5+ years of cybersecurity experience, ability to share experiences and assist with questions from personnel.
Business Administrator
Prepares the information to share with OpenSSF Education WGs/SIGs, LF, and all relevant persons (including the educational entity) in a easily accessible and legible format (report). Gathers completed forms and facilitates the fulfillment of deliverables to the relevant OpenSSF representative(s) to approve.
Consolidates information to share with the OpenSSF representatives in the Education SIG, WGs, LF, etc. Templates available upon request. Encourages continuous improvement to existing coursework to reach various demographics from learned experience and shares deliverables with relevant teams.
Scholarships may allow for students with difficulties with access to continuing cybersecurity education to maintain them.
Experience: 2+ years experience with administrative tasks and facilitating professional relationships.
Deliverables Includes: LFD 121 In-Person Live Instruction Deliverables.pdf
What is going to be needed to deliver this funding initiative?
Adjustments to existing LMS at partnering secondary school, funding of resources and shared budget requested.
Adjustments to the existing LMS has been confirmed as viable and scoped to 10 hours of time by the lead educator.
Are there tools or tech that needs to be produced to facilitate the funding initiative?
No, unless slight augmentation to an LMS to support LFD 121 curriculum would be qualify in the context of this question.
Summary of the requirements that contextualize the costs of funding the initiative?
Attached "Summary of Deliverables" and "Budget Request Summary" includes an overview contextualizing the costs of funding the initiative.
Summary of Deliverables.pdf
Budget Request Summary.pdf
4.1.1 Mutual Agreement Status Report
Resource: Business Administrator (Consolidates Reports)
4.1.2 Expansion of Partnerships to include a Secondary School (comprised of 80%+ Means-Tested students)
Resource: Business Administrator, Lead Educator, In-Person Educator
4.1.3 Live Instructor Led Delivery of LF 121 Developing Secure Software to Secondary School
Resource: Business Administrator, Lead Educator, In-Person Educator
4.1.4 Means-tested scholarships
Resource: Business Administrator (Verification alongside school leadership)
4.1.5 Deliver Initial Live Instructor Led Content
Resources: Lead Educator, In-Person Educator, Business Administrator
4.1.6 In-Person Mentorship & Support for Means-Tested
Resources: In-Person Educator (In-person Q&A, Recommendations, Assistance made available throughout 10-weeks), Lead Educator (Recommendations to In-Person Educator when applicable), Business Administrator
Who is responsible for doing the work of this funding initiative?
Lead Educator, In-Person Educator, and Business Administrator
Who is accountable for doing the work of this funding initiative?
Legal entity tasking the Lead Educator, In-Person Educator, and Business Administrator.
There are multiple back-up contacts in case the accountable parties are no longer available that could support this initiative.
Which technical initiative will this funding initiative be associated with, will it report to which WG or project?
The funding initiative will be associated with an entity led by the Education SIG. As an example, this may include the DEI Working Group.
SOW Summary
This summary of the PWS/SOW includes the deliverables of the entire Performance Work Statement.
To request the Performance Work Statement that contains entire PWS documentation, please review our instructions regarding the sumission of a request to our Git Account.
Sample of PWS with SOW(Sample of SOW - PWS.pdf)
4.1.1 Mutual Agreement Status Report
Deliverables:
A. Monthly Mutual Agreement Status Report (Tasks Achievement)
4.1.2 Expansion of Partnerships to include a Secondary School (comprised of 80%+ Means-Tested students)
Deliverables:
A. Schedule for live instructor led delivery of LF 121 content (Due by August 1st, 2024)
B. Scholarship application document (Due by August 1st, 2024)
C. List of enrollees verified by secondary school leadership (Due by September 1st, 2024)
D. Secondary School Letter of Commitment Signed by Leadership (Due by August 1st,
2024/August 23rd, 2024)
4.1.3 Live Instructor Led Delivery of LF 121 Developing Secure Software to Secondary School
Deliverables:
A. Credential Instructor’s Letter of Commitment (By August 1st, 2024)
B. List of enrollees from secondary school in the instructor led course, Signed and Verified by
Secondary School’s leadership (By September 1st, 2024)
C. Status Report on Lessons delivered to means-tested students (September 1st, 2024, October
1st, 2024, November 1st, 2024)
D. Monthly enrollee’s status report (September 1st, 2024, October 1st, 2024, November 1st,
2024)
E. Summary of applicants for scholarship (September 1st, 2024)
4.1.4 Means-tested scholarships
Deliverables:
A. Status report of means-tested students progress (Due Monthly, September 1st, 2024,
, October 1st, 2024, November 1st, 2024)
B. Letter of verification signed by leadership of secondary school of the student’s mean’s tested
eligibility (Due by August 31st, 2024)
C. Scholarship issuance report to all means-tested recipients of scholarship including $ amount
(Due by November 1st, 2024)
4.1.5 Deliver Initial Live Instructor Led Content
Deliverables:
A. Progress report weekly
B. Instructor Attendance Report
C. Instructor Performance Report
D. Documentation of the summary of observations, lessons learned, and best practices for live
instruction of LFD 121 (Due by November 1st, 2024, progress may be requested earlier upon
request)
4.1.6 In-Person Mentorship & Support for Economically Disadvantaged
Deliverables:
A. Progress report weekly
B. List of frequently asked questions from students
D. Documentation of the summary of observations, lessons learned, and best practices for live
instruction of LFD 121 (Due by November 1st, 2024, progress may be requested earlier upon
request)
How will updates be made available to OpenSSF and relevant WGs/TAC?
Deliverables Report Monthly Updates.pdf
List the major milestones by date and identify the overall timeline within which the technical initiative plans to accomplish their goals. Any payments for services, sponsorships, etc., will require LF Legal and Financial review.
Mid-June TAC proposal review
July 16th-30th CyberEducators Team Member Joins DEI Meetings & Education SIG Meetings sharing updates in preparation for
Fall 2024 In-Person Education
Aug 1st PWS/SOW work begins
Aug 15th Preparation for 10-week instructor led course
September 1st Applications completed and report available regarding students attending the 10-week instructor led course completed & report available to WG/Education SIG/OpenSSF entity responsible for receipt of deliverables
Sept 1st – 30th Completion & reporting of month 1 deliverables
Oct 1st - 31st Completion & reporting of month 2 deliverables
Nov 1st - 30th Completion & reporting of month 3 deliverables
Pay schedule requested is included in the PWS. To request the Performance Work Statement that contains entire PWS documentation, please review our instructions regarding the sumission of a request to our Git Account.
The text was updated successfully, but these errors were encountered: