Subscribe
Modern field guide to security and privacy

How to fill the massive cybersecurity workforce shortage (+video)

Cybersecurity skills are in growing demand, but decreasing supply. Key takeaways from an event Passcode hosted in Washington about closing the skills gap.

  • close
    Lisa Foreman Jiggetts, founder of the Women’s Society of Cyberjutsu, discussed diversity issues in cybersecurity at an event Tuesday in Washington hosted by Passcode.
    Michael Bonfigli/The Christian Science Monitor
    View Caption
  • About video ads
    View Caption
of

As many as a million jobs in cybersecurity remain unfilled around the world – but somehow, the massive shortfall in skilled talent hasn’t made it any easier to break into the field, especially for women, millennials, and people of color.

That challenge has led the government, schools, and companies to think outside the box in efforts to bring on new talent. Top officials from the Department of Homeland Security have traveled to  hacker conferences such as Black Hat and DEF CON to recruit talent. In January, Vice President Joe Biden and Energy Secretary announced a that the federal government would budget $25 million to train students at historically black colleges for cyber jobs. There are also a slew of degree and certificate programs available for people hoping to jump into this often high-paying field.

Those efforts are a start, but they aren’t likely to fix the deficit of cyber professionals in the near future.

On Wednesday, Passcode and the National Cybersecurity Alliance (NCSA) hosted an event in Washington featuring officials from the Department of Homeland Security and companies such as Raytheon and Symantec talking about ways to address the skill shortfall in both the government and private sector. The full video of the event is available here.

Here are three things we learned:

1. Creativity is key

One way to bring in new talent at the student level: Create fun challenges, not just homework. Arizona State University, for instance, gives students the opportunity to engage in team hacking competitions, poke around the Dark Web, and engage in other sorts of behavior that could typically be considered mischief.

Curiosity is a sign of great things to come, said Nadya Bliss, director of the school’s Global Security Initiative, which offers programs in cybersecurity at the undergraduate, graduate, and PhD level. "If [a student] actually [starts out] as a hacker, that may actually lead to someone who does very sophisticated problem solving," Ms. Bliss said. "[That] elevates to leading a team and hacking a big project which potentially leads to a leadership position."

close
Nadya Bliss, Director of the Global Security Initiative, Arizona State University, discusses the ubiquity of cyber vulnerabilities at an event on the cybersecurity skills gap in Washington, D.C. on Tuesday, October 27, 2015.

2. Industry partnerships help

But even though schools have gone far beyond book learning, more academic opportunities haven’t made the workforce more diverse. A study commissioned by Raytheon and NCSA released earlier this week shows a significant gender gap in terms of cyber education among a random sample of young adults aged 18 to 26 in a dozen countries. More than 74 percent of women polled didn’t think they had enough opportunities to study cybersecurity, compared to just 57 percent of men.

Cecily Joseph, vice president for corporate responsibility and chief diversity officer at Symantec, which offers several pipelines that train students and young professionals, acknowledged that the company couldn’t hire everyone it trains in those programs. Symantec only has a limited number of slots, Ms. Joseph said, so it needs industry to scoop up some of that talent and make sure the newly qualified workers get jobs.

"We’re not going to be successful without industry being a partner along the way," Joseph said. "Because it's other companies that are providing internship opportunities, it's nonprofits that are our training partners, providing training and curriculum guidance along the way."

Diversity can also be improved, according to Lisa Foreman Jiggetts, the founder of the Women’s Society of Cyberjutsu, a nonprofit designed to get women into cybersecurity jobs, by finding alternative means of hiring, such as mentorship and training programs.

close
Cecily Joseph, Vice President of Corporate Responsibility & Chief Diversity Officer at Symantec, discusses how the tech industry can increase its diversity at an event on the cybersecurity skills gap in Washington, D.C. on Tuesday, October 27, 2015.

3. Trust is essential

Hiring hackers isn’t as simple as it sounds. To work at the Department of Homeland Security or a big contractor such as Raytheon, technologists need to get through extensive background checks, adding to the recruiting headache for both sides.

"[The] majority of our cyber professionals have at least a top secret security clearance," said Darren Burton, vice president of Human Resources at Raytheon. "So to be able to find people that have the skills, and also have the kind of ethical behavior and the ability to be able to get the kind of clearances we need makes it that much more difficult." Even though there are opportunities to do government work outside of the cleared space, Burton acknowledged that they can be few and far between.

To build trust, Ben Scribner, director of the Department of Homeland Security’s National Cybersecurity Professionalization and Workforce Development program, said both the government and contractors need to engage with tech-savvy youngsters before they’re drawn into black hat hacker communities. That could mean doing outreach when in middle school and high school, before the allure of joining a hacker community takes over.

close
Bem Scribner, Program Director at the National Cybersecurity Professionalization and Workforce Development at the Department of Homeland Security, talks about why cyber professionals should work for the federal government at an event on the cybersecurity skills gap in Washington, D.C. on Tuesday, October 27, 2015.

About these ads
Sponsored Content by LockerDome
 

We want to hear, did we miss an angle we should have covered? Should we come back to this topic? Or just give us a rating for this story. We want to hear from you.

Loading...

Loading...

Loading...

Save for later

Save
Cancel

Saved ( of items)

This item has been saved to read later from any device.
Access saved items through your user name at the top of the page.

View Saved Items

OK

Failed to save

You reached the limit of 20 saved items.
Please visit following link to manage you saved items.

View Saved Items

OK

Failed to save

You have already saved this item.

View Saved Items

OK