For most established organizations, developing and maintaining a competent cybersecurity workforce needs little justification and is, in fact, a central requirement for ensuring resilient operations. As a result, these organizations invest significant resources in attempts to fulfill this requirement. However, most organizations find that the rapid changes and dynamic nature of cybersecurity make
... [Show full abstract] keeping their workforce up to date a very challenging problem. This report describes a traditional model commonly used for addressing this challenge, explains some operational limitations associated with that model, and presents a new, continuous approach to cybersecurity workforce development.