The agency expects the fellows to bring new strategies for artificial intelligence, machine learning, post-compromise containment, cloud security and more to help design and implement CISA’s cybersecurity programs.
“This new effort will allow us to partner even more closely with top talent from the private sector as they become part of our team for a few days each month to help us tackle some of the most complex cybersecurity challenges we face as a nation,” CISA Director Jen Easterly said in a press release.
The fellowship will consist of eight technical experts from across the private sector. Fellows should be knowledgeable in cloud security, artificial intelligence, machine learning and secure software development, with several years of experience in their respective fields.
Available positions range from experts in software bill of materials (SBOM) to threat intelligence and cloud engineering.
Applicants can either nominate themselves or request their employer nominate them for a position. Interested applicants should include resumes, interest letters, statements of expertise, questionnaires and two references.
CISA is taking applications until July 8. The first cohort will start in fall 2022.
The fellowship follows CISA’s initiatives promoting stronger partnerships with the private sector, including their Shields Up campaign.
The campaign provides recommendations for “every organization – large and small” to prevent possible disruptive cyber attacks. CISA also supplies suggested responses during a cyber attack.
Additionally, since November, CISA has categorized around 340 products as known exploited vulnerabilities in their online catalog, including products like WhatsApp, Windows, Android OS, Chrome and Firefox.
All of this comes after the increase in cyber attacks in recent years. The Office of Management and Budget said in the 2020 State of Federal Cybersecurity that agencies reported facing 30,819 cybersecurity attacks in fiscal 2020. This is an 8% increase over the 28,581 reports in 2019.
Of the 2020 attacks, OMB categorized six of the reports as major incidents. In addition, the top five Risk and Vulnerability Assessments findings included spear-phishing weaknesses, easily crackable passwords and administrative password reuse.