It is no secret that a huge gap exists within the cybersecurity field. Those living in the Washington, D.C. region are subjected to many television and radio ads reminding them every day how many jobs go unfilled. The federal government is severely understaffed and skilled in this discipline. There are wide-ranging estimates of how many job openings will exist in the next five years. Studies by Cybersecurity Ventures predict that 3.5 million vacant cybersecurity jobs will exist in 2022. Research performed by Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) in 2017 found that the biggest cybersecurity challenge for organizations is that they are understaffed.
CyberSeek created a heat map shown below detailing the regions of the U.S. that have the greatest need for Cybersecurity professionals. As expected, a high concentration of need is centered around the federal government in Washington, D.C. and surrounding states.
Government agencies that cannot fill these open positions suffer an adverse effect on their operations. Not only does it impact security posture, but it puts a significant strain on the existing workforce. ESG and ISSA’s research show following detrimental effects when there is a gap in staff and skills:
Many of the aforementioned items are related to one another and can cause a cascading impact persistent across an organization that damages morale. It also causes lasting damage to organizational culture which is often difficult to reverse.
Many organizations recognize that they have a challenge to address but still have many hurdles to overcome before they can see tangible improvement. ISACA performed research that shows the leading barriers to success that inhibit organizational improvements in cybersecurity.
So where do organizations go from here? What can they do to improve and close the Cybersecurity skill gap?
- Build or Expand Partnerships With Universities: Many universities were late to the party when it came to developing cybersecurity degrees. However, now most offer specialized education in the field now. The government needs to continue to build on existing relationships with universities to grow the pipeline of individuals. Increased internships, scholarships and other programs often can attract and retain talented individuals.
- Increase Training Budget: Offer more training for existing staff. Prioritize training offered by areas of greatest need and alignment to organizational goals. Build partnerships with training vendors.
- Career Path Development: Develop clear and attractive career paths for cybersecurity professionals. New or prospective hires need to see they have the ability to advance and grow their career.
- Leverage Contractors: Niche or temporary skills may not make sense to have permanent staff or resources dedicated to recruiting and retaining those individuals. Instead, contractors may be the best source to fill those areas of need.
- Use AI and other new technology: New technology can be a game changer and potentially reduce the overhead to existing staff. Data aggregation, analysis and correlation can save time and make existing employees more efficient.
- Replace Legacy Technology: Older systems often require more support staff to perform Operations and Maintenance (O&M). This may exacerbate the skill deficiencies in other areas of the agency.
- Better Alignment of Cybersecurity with IT Roadmaps: Agencies need to fully integrate Cybersecurity into IT planning to identify and plan for future skill needs. This enables a more methodical and effective approach to the pipeline for recruiting and hiring.
- Reward and Recognition: It is crucial to reward and/or recognize all top performers and those who have gone above and beyond. Retaining your talented staff is just as important as hiring new skilled employees.
Organizations must make closing the cybersecurity gap a focus area that is woven into their strategy. Alignment from the top down will drive progress in the right direction.
Jason Yakencheck is part of the GovLoop Featured Contributor program, where we feature articles by government voices from all across the country (and world!). You can follow him on Twitter. To see more Featured Contributor posts, click here.