Cyberattacks on U.S. critical infrastructure and the theft of millions of records containing personally identifiable information have indicated that there are serious vulnerabilities in United States’ national cybersecurity approach. Cybersecurity encompasses the actions taken to protect against criminal access or unauthorized use of electronic data, as well as the measures taken to thwart cyber exploits. To function properly, this ecosystem requires effective processes, technologies, and enabled people.
In spite of many powerful innovations to make us more cyber secure, both governmental and private sector actors have failed to address the glaring talent gap in this field. There is a worrisome shortage of individuals with the skills and experience needed to protect our country against the asymmetrical threats we face.
According to the agency charged with tallying statistics on the cyber talent gap, there are over 1 million unfilled cybersecurity jobs right now. It is projected that this number will grow to 1.5 million by 2020. It is clear that we are not matching the capacity of the growing legions of cybercriminals with our own increased number U.S. experts who serve as our most important line of defense against them. We would not tolerate a projected 1.5-million-person deficit in our law enforcement or military ranks. Would should we accept such a shortage in our cyber defense force?
As the new administration enters the fray, the next recalculation should not be how to expand the $175 billion cybersecurity market. The focus should include practical strategies for assuring there are enough cybersecurity professionals to make the nation resilient. Enabled people are key to unlocking new opportunities that make the existing tools and processes more effective. If all existing best practices were employed we would eliminate 80% of all cyber breeches.