TIMES.KY

Cayman Islands, Caribbeanand International News
Friday, Mar 29, 2024

Wanted: Millions of cybersecurity pros. Rate: Whatever you want

Wanted: Millions of cybersecurity pros. Rate: Whatever you want

A series of major digital security breaches over the past year are serving as a wake-up call to Corporate America about the need to invest in cybersecurity.

Friday brought yet another reminder of the risk of cyberattacks, when Microsoft (MSFT) said the hackers behind the 2020 Solar Winds breach launched a new attack on more than 150 government agencies, think tanks and other organizations globally.

But perhaps the most striking recent example is the Colonial Pipeline ransomware attack, which forced the company to shut down the pipeline temporarily - resulting in gas shortages and price spikes in multiple states over several days. The debacle cost Colonial at least $4.4 million, the amount its CEO admitted to paying the hackers.

In the weeks before the attack, the company had posted a job listing for a cybersecurity manager.

"As far as I know, this is the first cybersecurity incident that has led to a measurable economic impact on the American population," said Jonathan Reiber, senior director for cybersecurity and policy at AttackIQ and the chief strategy officer for cyber policy under the Obama administration's secretary of defense.

"It should be something that triggers people," he said.

The takeaway from such security breaches, according to experts, is that it's high time for companies to start investing in robust controls and, in particular, adding cybersecurity professionals to their teams.

The only hitch: There's a massive, longstanding labor shortage in the cybersecurity industry.

"It's a talent war," said Bryan Orme, principal at GuidePoint Security. "There's a shortage of supply and increased demand."

Millions of unfilled jobs


Experts have been tracking the cybersecurity labor shortage for at least a decade — and now, a new surge in companies looking to hire following recent attacks could exacerbate the problem.

The stakes are only growing, as technology evolves and bad actors become more advanced.

In the United States, there are around 879,000 cybersecurity professionals in the workforce and an unfilled need for another 359,000 workers, according to a 2020 survey by (ISC)2, an international nonprofit that offers cybersecurity training and certification programs.

Globally, the gap is even larger at nearly 3.12 million unfilled positions, the group says. Its CEO, Clar Rosso, said she thinks the need may actually be higher, given that some companies put off hiring during the pandemic.

The needs range from entry-level security analysts, who monitor network traffic to identify potential bad actors in a system, to executive-level leaders who can articulate to CEOs and board directors the potential financial and reputational risks from cyber attacks.

The US Bureau of Labor Statistics projects "information security analyst" will be the 10th fastest growing occupation over the next decade, with an employment growth rate of 31% compared to the 4% average growth rate for all occupations.

If demand for cybersecurity professionals in the private sector increases dramatically, some experts say talented workers could leave the government for more lucrative corporate jobs — a risk that is especially acute for smaller, local government agencies that manage critical infrastructure in their communities but have limited budgets.

"Think of the criticality of what your local government does: water purification, waste treatment, traffic management, communications for law enforcement, public safety, emergency management," said Mike Hamilton, chief information security officer at Critical Insight. "But Amazon is out there waving around bags of cash to protect their retail operation."

Hamilton — who was the former chief information security officer for Seattle, Washington, from 2006 to 2013 — added that local governments "cannot attract and retain these people when the competition for them is so high, which is why we've got to make lots of them."

'Not a short term solution'


A variety of education, training and up-skilling programs are already working to address the shortage.

GuidePoint helps train veterans leaving the military for cybersecurity careers. And Critical Insight's Hamilton runs a nonprofit called Public Infrastructure Security Cyber Education Systems, through which students at five universities get hands-on experience by doing security monitoring of real-time data on local government networks, providing a crucial service for small cities and counties that might not otherwise be able to afford it.

Experts say there's also an opportunity to bring new talent into the industry by focusing on diversity. Just 25% of cybersecurity professionals are women, so (ISC)2 launched a diversity, equity and inclusion program this year aimed at recruiting and keeping more women in the profession, Rosso said.

"We need to recognize that there is this huge diversity of people that can actually do ... this job very well," Hamilton said, referring to security analysts who monitor traffic on a network to look for behavior that might indicate a bad actor has accessed the system. "As a country, we are not taking very good advantage of the resources that we have."

In the meantime, as the industry works to grow its labor force, it could be a huge opportunity for service and software provider companies that can help firms beef up their cybersecurity protocols without hiring their own teams.

Because even with existing training programs, the global cybersecurity labor gap is expected to grow by 20% to 30% annually over the next several years, (ISC)2's Rosso said. Experts say both the public and private sectors must invest more in growing the industry's workforce.

Portions of President Joe Biden's $2 trillion American Jobs Plan could help. The infrastructure proposal includes $20 billion for state, local and tribal governments to update and improve cybersecurity controls for their energy systems.

Still, experts say more needs to be done, suggesting a broad rethinking of education systems from elementary school through higher education to include more cybersecurity training.

"Sadly, there's not a short-term solution," GuidePoint's Orme said. "I think we need to take a long-term view of it — as a lot of our adversaries do — to say, how can we systematically build the next generation and the generation after that and create a flywheel of qualified security talent that will be entering the workforce over the next 50 to 100 years?"

Newsletter

Related Articles

TIMES.KY
0:00
0:00
Close
Paper straws found to contain long-lasting and potentially toxic chemicals - study
FTX's Bankman-Fried headed for jail after judge revokes bail
Blackrock gets half a trillion dollar deal to rebuild Ukraine
Israel: Unprecedented Civil Disobedience Looms as IDF Reservists Protest Judiciary Reform
America's First New Nuclear Reactor in Nearly Seven Years Begins Operations
Southeast Asia moves closer to economic unity with new regional payments system
Today Hunter Biden’s best friend and business associate, Devon Archer, testified that Joe Biden met in Georgetown with Russian Moscow Mayor's Wife Yelena Baturina who later paid Hunter Biden $3.5 million in so called “consulting fees”
Singapore Carries Out First Execution of a Woman in Two Decades Amid Capital Punishment Debate
Google testing journalism AI. We are doing it already 2 years, and without Google biased propoganda and manipulated censorship
Unlike illegal imigrants coming by boats - US Citizens Will Need Visa To Travel To Europe in 2024
Musk announces Twitter name and logo change to X.com
The politician and the journalist lost control and started fighting on live broadcast.
The future of sports
Unveiling the Black Hole: The Mysterious Fate of EU's Aid to Ukraine
Farewell to a Music Titan: Tony Bennett, Renowned Jazz and Pop Vocalist, Passes Away at 96
Alarming Behavior Among Florida's Sharks Raises Concerns Over Possible Cocaine Exposure
Transgender Exclusion in Miss Italy Stirs Controversy Amidst Changing Global Beauty Pageant Landscape
Joe Biden admitted, in his own words, that he delivered what he promised in exchange for the $10 million bribe he received from the Ukraine Oil Company.
TikTok Takes On Spotify And Apple, Launches Own Music Service
Global Trend: Using Anti-Fake News Laws as Censorship Tools - A Deep Dive into Tunisia's Scenario
Arresting Putin During South African Visit Would Equate to War Declaration, Asserts President Ramaphosa
Hacktivist Collective Anonymous Launches 'Project Disclosure' to Unearth Information on UFOs and ETIs
Typo sends millions of US military emails to Russian ally Mali
Server Arrested For Theft After Refusing To Pay A Table's $100 Restaurant Bill When They Dined & Dashed
The Changing Face of Europe: How Mass Migration is Reshaping the Political Landscape
China Urges EU to Clarify Strategic Partnership Amid Trade Tensions
Europe is boiling: Extreme Weather Conditions Prevail Across the Continent
The Last Pour: Anchor Brewing, America's Pioneer Craft Brewer, Closes After 127 Years
Democracy not: EU's Digital Commissioner Considers Shutting Down Social Media Platforms Amid Social Unrest
Sarah Silverman and Renowned Authors Lodge Copyright Infringement Case Against OpenAI and Meta
Italian Court's Controversial Ruling on Sexual Harassment Ignites Uproar
Why Do Tech Executives Support Kennedy Jr.?
The New York Times Announces Closure of its Sports Section in Favor of The Athletic
BBC Anchor Huw Edwards Hospitalized Amid Child Sex Abuse Allegations, Family Confirms
Florida Attorney General requests Meta CEO's testimony on company's platforms' alleged facilitation of illicit activities
The Distorted Mirror of actual approval ratings: Examining the True Threat to Democracy Beyond the Persona of Putin
40,000 child slaves in Congo are forced to work in cobalt mines so we can drive electric cars.
BBC Personalities Rebuke Accusations Amidst Scandal Involving Teen Exploitation
A Swift Disappointment: Why Is Taylor Swift Bypassing Canada on Her Global Tour?
Historic Moment: Edgars Rinkevics, EU's First Openly Gay Head of State, Takes Office as Latvia's President
Bye bye democracy, human rights, freedom: French Cops Can Now Secretly Activate Phone Cameras, Microphones And GPS To Spy On Citizens
The Poor Man With Money, Mark Zuckerberg, Unveils Twitter Replica with Heavy-Handed Censorship: A New Low in Innovation?
Unilever Plummets in a $2.5 Billion Free Fall, to begin with: A Reckoning for Misuse of Corporate Power Against National Interest
Beyond the Blame Game: The Need for Nuanced Perspectives on America's Complex Reality
Twitter Targets Meta: A Tangle of Trade Secrets and Copycat Culture
The Double-Edged Sword of AI: AI is linked to layoffs in industry that created it
US Sanctions on China's Chip Industry Backfire, Prompting Self-Inflicted Blowback
Meta Copy Twitter with New App, Threads
The New French Revolution
BlackRock Bitcoin ETF Application Refiled, Naming Coinbase as ‘Surveillance-Sharing’ Partner
×