This blog post is a recap from GovLoop’s Government Cybersecurity Virtual Summit. To see more blog posts about the summit, click here.
Cybersecurity is embedded in government. It affects the way the average employee logs into their computer, accesses email, and even uses the internet. However, many employees are still behind in the cyber arena. So what security trainings should employees know about? What is good basic cyber hygiene for the workforce? And how should agencies explore hiring the next generation of cybersecurity professionals?
Those were the questions David Shearer, Chief Executive Officer of (ISC)², probed in the opening keynote of GovLoop’s Government Cybersecurity Virtual Summit on Wednesday. He focused on education, certifications, and a next generation workforce in the public sector that is able to deal with today’s cybersecurity challenges.
In terms of education and certification awareness, Shearer pointed out that everybody has plenty of choices today – but you need to understand the education you’re getting. For example, a certificate is different from a certification (a certificate provides instruction and training, while a certification assesses knowledge or competencies). As you’re trying to become more educated on the cybersecurity front, it’s important to be an educated consumer and find the training and education that is right for you and where you are in your career. Both have value, though. The value of certification or certificates is career advancement, gives you a competitive advantage when looking for jobs, and can increase your salary potential.
Though certificates and certifications can help advance workers, the fact today is that there will be a dearth of 1.8 million information security professional by 2022. “There’s a real scarcity of talent we don’t seem to be able to make an impact on,” Shearer said. But there’s a path forward: drawing on underrepresented pools of talent in the information security arena, including millennials, women, and minorities. “The millennial generation represents the most diverse generation of our time,” Shearer said. “If we stand a chance of building a solid and diverse pool of talent and information workers, we need to understand the millennial generation.”
To recruit millennials to information security jobs in government, government HR needs to look at mentorship programs, flexible work arrangements, training opportunities, role diversity, and potential advancement, Shearer said. “Baby boomers will also have to adjust their communication skills to connect better with this younger generation. Both will have to work to bridge this gap.”
If and when the information security workforce gap is bridged by reaching out to millennials, it’s important to help these new hires (and existing employees) understand better cyber hygiene. “Everybody needs an understanding of their organization’s cybersecurity program and each of their roles that support the organization’s security posture,” Shearer said. “We need to all participate in security awareness training, even if you don’t work in IT. It’s very important.” One way to do that? Make the trainings fun, creative, and easy to access.
Working in tandem to provide solid certificates and certification to existing employees, hiring from new talent pools, and teaching everybody proper cyber hygiene, government can work to make sure all organizations are cyber ready for today’s challenges.
Did you enjoy GovLoop’s Government Cybersecurity Virtual Summit? Don’t miss our next virtual summit, all about government innovation, on May 10. Sign up here.