The digital landscape is defined by ever-increasing demand for cyber security skills. Technologies that can address climate change, and advance the health and welfare are creating a demand for early career and historically untapped talent. We must align these jobs of tomorrow to our approaches to skilling, says Kemba Eneas Walden, US federal Acting National Cyber Director, in a foreword to the National Cyber Workforce and Education Strategy in the United States.
She describes it as a ‘a whole-of-nation endeavour’. She writes: “However, there are structural challenges to building our cyber workforce and education system: hundreds of thousands of vacant cyber jobs; an insufficiently diverse workforce to fill those jobs; and barriers to accessing cyber education and training.”
Broadly speaking, the document says that every ‘American should have the skills needed to efficiently and confidently use computers and the internet to accomplish a growing list of daily activities. We must also make cyber training and education more broadly available so that even those persons currently underrepresented in the cyber workforce are qualified to pursue well-paying, fulfilling cyber jobs. Many of these jobs do not require four-year degrees and offer pathways to acquire cyber skills in high demand’.
While the strategy states that cyber skills are becoming important to a greater number of occupations across all sectors, from manufacturing to space, in the US as in other countries, supply not matching demand is an ‘urgent concern’.
The document gives the example of software developers and product managers, who ‘must be equipped to manage the security and privacy implications of the software they create’. On education, the strategy says: “Those who create the software that shapes the contours of cyberspace, as well as those who design and build the OT [operational technology] and ICS [industrial control systems] essential to the operation of critical infrastructure, should have a strong understanding of cybersecurity.” The White House wants to see better connections between training providers, and employers.
The strategy also sets out what the federal government ought to do about cyber. It admits that gaps in interagency coordination are a factor contributing to ‘persistent challenges in the federal cyber workforce’.
For the 57-page document, visit the White House website.
Sylvain Cortes, VP Strategy at Hackuity said: “The White House’s newly revealed strategy is a wake-up call to close the frightening gap between cybersecurity supply and demand. Beyond the enduring individual and organisational duties for defence, there is a national security imperative. To put it simply, it takes a village. Security does not and cannot operate in a vacuum. The sooner countries and supranational entities can shore up the skill deficit and align security standards, the securer our world becomes. Today’s announcement is one step closer to that.”
Joseph Carson, Chief Security Scientist and Advisory CISO at Delinea, welcomed the strategy but said it must go further than addressing the short-term industry needs and provide a long-term vision into what cyber requirements will be. He said: “Computer literacy, cybersecurity, coding skills, engineering, data analytics and AI must all be part of the next generations basic skills, making it a digital strategy that includes cyber.
“This will move cybersecurity from being ‘by design’ to becoming ‘by default’ which is what makes the world a safer place online. Cyber should not be placed in a silo but must be integrated more into education and the workplace, which will ensure more skills are accelerated whilst also improving diversity.”