Cybersecurity Jobs and Education – Meeting the Needs

It’s can be hard to escape the growing need for improved cybersecurity. President Barack Obama even signed an executive order directing federal agencies to do a better job of sharing unclassified cyber threats with hopes of improving private sector security.

Pointing to vulnerabilities in our power grid, financial institutions and air traffic control systems, Obama said, “We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and economy.”

It’s far more than just threats to our infrastructure that pose risk. Symantic, the anti-virus software manufacturer, said cybercrime carries a cost of $114 billion annually as technology enables a new wave of old-fashioned crimes like theft and fraud, and adds new ones to the list, like information warfare (denial of service attacks) and hardware hijacking.  Cybercrimes and attacks are only speeding up due to a global environment that is increasingly reliant on information technology.

The surges in threat activity have subsequently translated into boom times for cybersecurity jobs. According to Burning Glass International, Inc., a firm specializing in using technology to match people and jobs, demand is growing at 12 times that of the overall job market. Between 2007 and 2012, demand for cybersecurity experts grew 73%, while demand for all computer jobs grew 20%. Salaries for experts in fields such as engineering, business analysis, project management and architecture averaged more than $100,000 a year. Burning Glass also noted that financial services companies and telecoms are driving demand as they face new threats and challenges. Healthcare, education and public administration also have upped their demand by 100% since 2007.

Cybersecurity demand

This situation has created a concerted push for more training and education among current cybersecurity jobs, but in the long term, the need is particularly pressing in the larger cyber-workforce pipeline. According to experts from the National Science Foundation, our education system, from the primary levels to universities, is not producing enough graduates equipped with the basic entry-level skills needed to contend with future cybersecurity demands.

Meanwhile, the government continues to press on to advance its understanding of cyber-risk and vulnerabilities, and ensure our nation’s cybersecurity workers, now and in the future, are equipped with the training and knowledge they need to help keep our country safe.

Combatting cyber crime

The expansion of cyber education, for example, has been identified as a key imperative under The Comprehensive National Cybersecurity Initiative, managed by the National Security Council. The initiative pointed out that it is the “people with the right knowledge, skills and abilities” who will be responsible for securing the U.S. government in cyberspace.

It also noted that existing cybersecurity training and personnel development programs are limited in focus and lack unity of effort.

“We must develop a technologically-skilled and cyber-savvy workforce and an effective pipeline of future employees. It will take a national strategy, similar to the effort to upgrade science and mathematics education in the 1950’s, to meet this challenge,” it said.

Another government initiative is the Information Technology Workforce Assessment for Cybersecurity (ITWAC). Among other things, the ITWAC identified specific domains requiring more extensive training to better equip IT security professionals to deal with increasingly pervasive cyberthreats. Senior leaders also pointed to the need for more training in strategic planning and policy development.

On any given day, thousands of cyber-attacks are striking at our government, our defense department, our financial system and banks, our information sources, our energy supplies and infrastructures. U.S.-CERT, the Department of Homeland Security’s cyberthreat clearinghouse, received 12,000 cyber incident reports in 2007. By 2012, that number had quadrupled. Our ability to not only stave off attacks but also understand our vulnerabilities and how to head off future attacks is an issue that occupies us not just today, but for decades to come.