The US Navy is looking to train some of its sailors as ethical hackers to better defend itself against cyberattacks. The navy is seeking contractors who can train 34 of its officers in the Certified Ethical Hacker program in San Diego in June.
According to a online solicitation spotted by NextGov, the navy is inviting vendors to present quotes related to the expected cost of providing "high quality training services" to its officers, which would involve them being eventually certified as ethical hackers by the International Council of Electronic Commerce Consultants (EC-Council). The Certified Ethical Hacker program takes place in San Diego between 6 and 10 June. The navy requires that the training be administered by the EC-Council or an authorised partner.
The navy describes a certified ethical hacker as "a skilled professional who understands and knows how to look for the weaknesses and vulnerabilities in networks and/or computer systems and uses the same knowledge and tools as a malicious hacker upon request from an organisation. The certification is for individuals who are responsible for securing (or testing the security of) computer networks".
The navy is not the only branch of the American military to seek additional training in cyberdefence. The US Army also conducts similar training courses for its cybersecurity professionals. The navy, however, is aiming to train those who specifically work with its computer networks. This includes security officials, auditors, website administrators and all others who are tasked with managing, testing and securing the navy's IT infrastructure, both stateside and abroad.
The move comes just months after the US Air Force's chief technology officer, Frank Koniecnzy, called for the Pentagon to consider placing responsibility for the military's IT infrastructure with third-party contractors rather than completely relying on in-house support. Military and intelligence organisations have been under pressure to retain qualified security professionals, who, given the current atmosphere to widespread and varied cyberattacks, are considered highly valuable to such organisations.