|
A Human Capital Crisis in Cybersecurity – A White Paper of the CSIS Commission on Cybersecurity for the 44th Presidency, July 2010A new study has been released by Center for Strategic and International Studies (CSIS) Commission on Cybersecurity for the 44th President that looks into cybersecurity manpower challenges in the United States. The report titled, “A Human Capital Crisis in Cybersecurity,” is produced by CSIS - a bipartisan public and foreign policy think tank in Washington.
From the report:
“The nation and the world are now critically dependent on the cyber infrastructure that is vulnerable to threats and often under attack in the most real sense of the word.
... The problem is both of quantity and quality especially when it comes to highly skilled “red teaming” professionals We not only have a shortage of the highly technically skilled people required to operate and support systems already deployed, but also an even more desperate shortage of people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts.
The cybersecurity workforce to which we speak in this report consists of those who self-identify as cybersecurity specialists as well as those who build and operate our systems and networks. That workforce includes not only workers on government payrolls, but also those contractors who operate as part of the extended government workforce. It also includes those who build and maintain the critical infrastructure on which the public and private sectors have come to rely.”
Related Links:
Prepublication: A Human Capital Crisis in Cybersecurity CSIS, Jul.16.2010
Cyberwarrior Shortage Threatens U.S. Security NPR, Jul.19.2010
Cybersecurity Expert Shortage Puts U.S. At Risk InformationWeek, Jul.21.2010
Sponsored byCSC
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byRadix
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byDNIB.com
The CSIS study is certainly enlightening, but the big question is…how will we close the talent gap? The U.S. needs to move quickly on this because our vulnerabilities seem to be increasing tremendously.
Check out this post from the ITAC blog as well:
http://itacidentityblog.com/help-wanted-u-s-needs-cybersecurity-experts-and-fast
The article and the report are not quite true. There are lots of people who have good security expertise and are available. The folks at the top are the ones who allowed the US to get behind the curve in the first place. That is where the real problem is.
They can not find people because they are looking for certain kinds of people - these are the ones they can’t find. They want people, for example, who already have a security clearance, because the process is expensive. They want people who already have government experience because the environment is politically charged. They also like people who have some kind of certification, because then they do not have to determine whether or not a candidate actually knows anything.
There are lots of other artificial obstacles thrown in the way. I suspect this is just a lot wringing of hands to get a bigger budget. If they really want to hire security people, they can contact me. I’ll give them some names.