Cybersecurity talent shortage matter of economic and national security

In the (first) Cold War, Americans worried about nuclear attack and a retaliatory Armageddon that would have reduced the world to a smoldering wreck

Then came the terrorist attacks of Sept. 11, 2001, when a small group of suicidal zealots turned hijacked airplanes into bombs.

Today’s weapons of choice for those who would attack U.S. interests are Trojan horse programs, denial-of-service attacks and password-cracking tools used to steal or corrupt digital data.

Not every foreign power can bankroll a full-fledged military, but it appears everyone can afford a room full of hackers.

The alleged North Korean cyber-attack on Sony Pictures Entertainment was a reminder that foreign “hacktivism” not only aims to disrupt national security interests, but economic and cultural stability, as well.

Sony initially scrapped the Christmas Day premiere of “The Interview,” a comedy about a plot to assassinate North Korean leader Kim Jong-un, following a hacking attack on the company and threats against cinema chains that planned to screen the film. Sony’s decision drew criticism from Hollywood to the White House, and the company approved a release that bypassed the traditional curtain-raising in theaters.

Everyone loses when hackers from outside our borders can rob us of cherished principles like the First Amendment to the U.S. Constitution, or valuable lists of customer accounts stolen from major retailers and financial service institutions. Such cyber-attacks can undermine national security just as surely as those carried out directly against defense and homeland security targets.

According to reports by the FBI and other sources, the list of foreign hacktivist groups is long and getting longer. They include People’s Liberation Army Unit 61398 in China, the Syrian Electronic Army, APT28 in Russia and similar groups in nations ranging from Tunisia to Thailand, and from Iran to ISIS. The United States is home to criminal hackers, as well, whose main focus appears to be cracking into corporate cyber-vaults.

Having the right people in place to defend against such attacks has become a major cost, and recruitment challenge, for businesses in Wisconsin.

Consider Wisconsin’s major business sectors: They include financial services, insurance, health care and retail chains, all of which can be prime for cyber-attacks. And yet, most C-level leaders in those sectors would admit there aren’t enough trained hackers of the honest variety to go around.

That problem deserves attention in Wisconsin, which is behind the curve in producing, attracting and retaining the kind of cybersecurity talent needed by companies and institutions of all sizes.

For starters, private companies aren’t just competing among themselves for talent. The federal government is the largest single employer cyber-security experts. The Department of Defense alone expects to increase its cyber-fighting workforce to more than 6,000 employees by 2016, making it one of the largest such forces in the world. Defense contractors employ large numbers of developers and technical staff with cyber-expertise, as well.

The global demand for people with cyber-security skills is forecast to grow at about 13 percent per year for at least the next three years, according to the Global Information Security Workforce. A recent RAND report, “H4cker5 Wanted: An Examination of the Cybersecurity Labor Market,” confirmed the shortage and noted: “… educating, recruiting, training and hiring these cybersecurity professionals takes time.”

Filling the workforce void in Wisconsin begins with producing more students with computing skills, especially in the emerging world of data science. Data scientists bring a combination of math, computational and analytical skills to the job. Starting salaries for these positions are substantial, sometimes in the six-figure category. In 2011, McKinsey & Co. estimated there will be roughly 150,000 unfilled data analytics expert positions by 2018.

Speaking Thursday in Madison at a Wisconsin Bankers Association event, the president of the Federal Reserve Bank of Boston noted that jobs in cybersecurity are netting top dollar nationally, even if some other professions within the broad field of information technology are not.

So, what’s being done? The talent shortage is being discussed within state agencies and academic institutions, and organizations such as the Wisconsin Security Research Consortium are also making the case that more must be done to close the talent gap. The magazine “Science” published a report Thursday on Wisconsin’s efforts.

Cyber-attacks do much more than shut down movie theaters. They threaten national security and cost businesses and the economy hundreds of billions of dollars per year. Workforce development in Wisconsin should mean more than preparing people for the skilled trades. It should include building a workforce for the digital age.

Tom Still is president of the Wisconsin Technology Council.

Sign up for BizTimes Daily Alerts

Stay up-to-date on the people, companies and issues that impact business in Milwaukee and Southeast Wisconsin

No posts to display