Rising Threats Trigger a Rush for Cyberworkers in the US
The federal government and the private sector face increasing pressure to fulfill key cyber roles as high-profile attacks and international threats rock various U.S. sectors.
Labor shortages have been a long-standing problem in cyber, but have taken on renewed importance in the context of growing Russian threats resulting from the war in Ukraine.
“This is a problem facing the government as well as the private sector, the state and local communities,” Iranga Kahangama, a cyber official with the Department of Homeland Security (DHS), told a hearing. in the House this week.
Kahangama said the shortage was a top priority for his agency, which conducted a 60-day recruitment sprint last summer to hire cybersecurity professionals. Out of 500 job postings sent out by DHS, the department was able to hire nearly 300 new cyberworkers.
“It was the biggest hiring event we’ve had so far,” Kahangama told lawmakers on a House Homeland Security subcommittee on intelligence and counterterrorism.
The focus on labor shortages comes as the United States has been on high alert recently, with intelligence officials warning of possible Russian cyberattacks targeting key government institutions, elections and critical infrastructure, including the energy and finance sectors.
Private sector leaders are also feeling the pressure to hire highly skilled workers to combat the growing threats of ransomware and other online attacks.
“There is absolutely a cybersecurity labor shortage across all industries,” said Greg Valentine, senior vice president at cybersecurity firm Industrial Defender.
The cyber executive said he has seen an increase in demand for cyber workers, which he attributes mainly to recent events such as the war in Ukraine, the Colonial Pipeline ransomware attack in 2021 and the SolarWinds hack in 2020 .
Valentine said that whenever a security breach becomes public, business leaders tend to panic and scramble to secure resources and hire more cybersecurity professionals to ensure their businesses are secure.
He added that it’s not necessarily the breach itself that motivates executives to invest more in cybersecurity, but rather the publicity surrounding the hack that drives industry leaders to action.
When it comes to alleviating the current labor shortage — which is caused by the demand and growth of cybersecurity outpacing the supply of workers — Valentine cautioned that this will take time.
“It’s not an overnight process,” he said.
Experts who spoke to The Hill said one way to increase the supply of cyber workers is to get students to choose this career path and for the education system to provide more cybersecurity courses and related programs. technology in colleges and universities.
Reed Loden, vice president of security at tech company Teleport, said schools should offer more specialized cyber programs, including field-specific boot camps and internships.
Besides education, Loden said more should be done to recruit, train and retain young talent – although he acknowledged that many, including himself, are more focused on getting workers experienced in a highly competitive market.
“The right talent is already taken,” said Loden
“I wish I could hire junior security engineers and mentor them,” he added, “but because I have urgent needs, it’s hard to do right now.”
The labor shortage has encouraged government and the private sector to collaborate more, including sharing critical information to combat growing cyber threats.
Over the past year, the federal government has launched several key initiatives that encourage public-private partnerships in cyberspace.
For example, the Cybersecurity and Infrastructure Security Agency (CISA), a subdivision of DHS, launched the Joint Cyber Defense Collaborative in August 2021 with the goal of defending the United States against cyberattacks.
CISA has partnered with several private sector companies to advance the effort, which includes implementing nationwide cyber defense strategies, sharing information, and mitigating the risk of cyber attacks.
Even the White House has pushed for such a partnership. Last spring, President Biden signed an executive order to harden and secure critical federal government networks and infrastructure from cyber threats.
The order introduced several key initiatives, including facilitating the sharing of threat information between government and the private sector.
“Because there is such a shortage of talent, we need to work together to defend our networks and our systems,” Loden said.