December 19, 2013
Cybersecurity professionalization nonprofit (ISC)2 earlier this month offered key federal agencies a series of next steps that can help address a persistent skills shortage in the cybersecurity field.
In a Dec. 2 letter to officials at the White House, the Homeland Security and Defense departments, the National Institute of Standards and Technology, and members of academia and other influencers within the federal workforce community, (ISC)2 outlined seven key steps agencies can take to advance the cybersecurity workforce and address skills shortages.
The letter highlights the 2013 (ISC)2 Global Information Security Workforce Study, which identified a significant gap between the supply and demand of qualified cybersecurity professionals. While 61 percent of federal government respondents agreed that their agency has too few information security workers to effectively manage threats, the study found federal respondents viewed the underlying cause of those staffing shortfalls differently from their global peers. More than half of federal respondents, for example, said the greatest reason their agency has too few information security workers was because business conditions could not support additional personnel.
“Other experts around the world represent that the problem of the skills gap lies primarily with the difficulty in finding qualified personnel and funding challenges,” W. Hord Tipton, executive director of (ISC)2, wrote in the letter. “So what really is the underlying challenge in the federal environment, and do IT security insiders hold a differing opinion than those on the outside of public and private sector organizations?”
(ISC)2 made seven recommendations to agencies to help solve the skills gap challenge:
The recommendations were gathered at the 10th anniversary of (ISC)2’s U.S. Government Advisory Board for Cybersecurity, where former and current board members representing federal CISO-level executives offered insight into the underlying challenges agencies face in finding and hiring qualified cybersecurity personnel.
“Our goal in delivering these recommendations to key influencers is to help the U.S. government close the workforce skills gap and to strengthen information security via avenues such as existing frameworks, the acquisition process and personal accountability, among others,” Tipton said in a statement.
December 19, 2013