Three steps to fixing the cybersecurity talent shortage

More programs to motivate, recruit and train professionals are needed

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

If doubt lingers about the effec­tive­ness of cyber­se­cu­ri­ty mea­sures, the Pana­ma Papers episode ear­li­er this month has man­aged to increase that skep­ti­cism anoth­er notch or two.

Ed note_Trident Capital_Alberto YepezThe hack of 11.5 mil­lion sen­si­tive doc­u­ments from Mos­sack Fon­se­ca, a promi­nent Pana­man­ian law firm that alleged­ly helped high-pro­file peo­ple stash for­tunes out­side the purview of domes­tic tax laws, has raised lots of eye­brows. Is anybody’s dig­i­tal data real­ly secure any­more? Although Mos­sack Fon­se­ca is the fourth-largest “asset pro­tec­tion” law firm in the world, it is now most­ly viewed as just anoth­er entry on the swelling list of cyber­se­cu­ri­ty vic­tims.

How should this prob­lem be addressed? The solu­tion must start by focus­ing on the short­fall of rough­ly 1 mil­lion cyber­se­cu­ri­ty pro­fes­sion­als worldwide—a num­ber equiv­a­lent to the pop­u­la­tion of San Jose, Calif., the hub of Sil­i­con Val­ley. Cre­ative pro­grams to moti­vate, recruit and train cyber pro­fes­sion­als must be sub­stan­tial­ly expand­ed.

Com­pli­men­ta­ry webi­nar: How iden­ti­ty theft pro­tec­tion has become a must-have employ­ee ben­e­fit

Here are three sug­ges­tions:

  • Pro­vide in-house train­ing. Price­wa­ter­house­C­oop­ers, as one exam­ple, plans to hire 1,000 peo­ple this year for its cyber­se­cu­ri­ty con­sult­ing prac­tice. It’s con­fronting the labor scarci­ty head-on by recruit­ing new col­lege grad­u­ates, includ­ing lib­er­al arts majors, and also is focus­ing on vet­er­ans seek­ing pri­vate-sec­tor jobs. PwC ini­tial­ly trains these peo­ple in an inten­sive, four-week course lead­ing up to the CISSP, a glob­al­ly respect­ed cer­ti­fi­ca­tion.
  • Recruit mil­i­tary vet­er­ans. Fortinet, a lead­ing pur­vey­or of enter­prise-class cyber­se­cu­ri­ty solu­tions, has estab­lished a vet­er­ans pro­gram focused on mil­i­tary per­son­nel, based on the strength of their ana­lyt­i­cal and team­work skills and abil­i­ty to meet dead­lines under pres­sure. The pro­gram helps vet­er­ans tran­si­tion into the cyber­se­cu­ri­ty indus­try through employ­ment at Fortinet or with its dis­tri­b­u­tion and tech­nol­o­gy part­ners. Dozens of “FortiVets” already have been trained and hired.
  • Part­ner with col­leges in cyber­se­cu­ri­ty pro­grams. Rather than have com­put­er sci­ence and com­put­er engi­neer­ing majors take spe­cif­ic cyber­se­cu­ri­ty cours­es, uni­ver­si­ties are now cre­at­ing cyber­se­cu­ri­ty-spe­cif­ic pro­grams. Get to know these col­leges and part­ner with them by cre­at­ing intern­ship pro­grams. One well-known pro­gram, at South­east Mis­souri State Uni­ver­si­ty, has about 100 stu­dents and is the university’s fastest-grow­ing major. Cours­es include encryp­tion cod­ing, data analy­sis, risk assess­ment and orga­ni­za­tion­al cyber­se­cu­ri­ty strat­e­gy plan­ning.

Suc­cess along these or sim­i­lar lines is essen­tial. We all know that some indus­tries even­tu­al­ly crater, usu­al­ly because they become obso­lete. Cyber­se­cu­ri­ty need not be con­cerned about this. But inabil­i­ty to attract suf­fi­cient qual­i­fied tal­ent also can be a very seri­ous threat. Let’s resolve the prob­lem.

More sto­ries relat­ed to cyber­se­cu­ri­ty jobs:
Help want­ed: More women in cyber­se­cu­ri­ty jobs
Cyber­se­cu­ri­ty jobs go unfilled as breach­es boom
More cyber­se­cu­ri­ty experts move out of IT and into C-Suite jobs