It's no secret that the federal government is facing a serious shortage of cybersecurity professionals. A new report by the Center for Strategic and International Studies highlights the seriousness of the issue, both in quality and quantity.
"We not only have a shortage of the highly skilled technical people required to operate and support systems already deployed," the report states, "but also an even more desperate shortage of people who can design secure systems, write safe computer code and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts."
The report notes that while there are about 1,000 security professionals in the United States who have the essential specialized security skills, the government really needs about 10,000 to 30,000 professionals to effectively identify, build and staff defenses and responses to cyber threats. The challenges stem not just from a lack of certified professionals, CSIS notes, but also from the lack of an established cyber career field as well as an inadequate professional certification.
Having the right number of skilled cyber pros will require a new strategy that promotes and funds the development of more rigorous curricula in schools; supports the development and adoption of technically rigorous certifications; and ensures there is a career path that rewards and retains those with high-level technical skills, CSIS notes. The strategy also should use a combination of the hiring process, the acquisition process and training resources to raise the level of technical competence to those who build, operate and defend government systems, the report states.