GovernmentExecutive.com

The United States is facing an alarming shortage in skilled workers to protect the nation's critical infrastructures from cyberterrorism and other threats, several homeland security and high-tech experts said Wednesday.

"There is going to be more demand ... for people with [information technology] skills," Harris Miller, president of the Information Technology Association of America, said during a cybersecurity conference in Washington sponsored by the MIS Training Institute. "It is a huge problem we have in this country - not having enough people with adequate skills and training."

Stressing the need to make information security second nature, Mark Holman, deputy assistant to the president for the White House Office of Homeland Security, said the president's forthcoming national strategy for cybersecurity - due to be released Sept. 18 - will address the need for skilled workers to help defend computer networks.

Holman said the strategy aims to be a "living document" that will grow and change as the technology changes. The document will contain sections that address home users' security and network security issues, Holman said. It also will categorize critical infrastructure issues by industry, such as water filtration, electricity or telecommunications.

Government and industry also must educate each other about infrastructure vulnerabilities and threats through information-sharing analysis centers (ISACs) and other partnerships, according to Ronald Dick, director of the FBI's National Infrastructure Protection Center.

Dick noted that although about 90 percent of the nation's infrastructures are owned and operated by the private sector, "the scale at which the private sector looks at vulnerability assessments is very narrow from a national infrastructure-protection standpoint."

Finding and retaining skilled workers to protect the military's critical infrastructures also must be a priority, according to Pennsylvania Republican Curt Weldon, who chairs the House Armed Services Procurement Subcommittee.

Weldon said the military is facing a crucial shortage in information security specialists, in part because workers with those skills can earn more money in the private sector. "It's been a challenge to keep that level of competence in the military," Weldon said. "We're still on the cutting edge, but ... it's extremely difficult."

Weldon said he plans to propose a new scholarship program in which the federal government would pay the undergraduate and graduate tuitions of students seeking careers in information security. Those students in turn would spend several years as "cyber warriors" in the military.

Weldon said "information dominance" will be a military buzzword in the coming years because terrorist networks and enemy states that could never match U.S. strength on the battlefield are looking to cyber warfare as a central strategy.

"All that smart technology that allows us to dominate any battlefield at any time is all computer-dependent," Weldon said. "We've never fought this kind of threat before."

A failure to protect the nation's critical infrastructures could have disastrous consequences, both at home and on battlefields abroad, Weldon said. "We don't know when or where the next attack will occur," he said. "But I can tell you this: It will involve information systems."

Maureen Sirhal contributed to this report.

COMMENTS

• I was assigned to WPAFB after completion of the Management Intern Program. First assigned to the write production control procedures, I was sent to assist the DCS Maintenance, reporting to his exec. When he was out, I was acting exec(Colonel postion). After several years in that position, I was offered a job in an office which used QRC procedures for speedy acq. of jammers, etc for Wild Weasel acft. (Vietnam war.) Trained at RHAW school at Nellis AFB. Next I was sent to computer school and to Sunnyvale, Ca to do acceptance testing on a new mainframe computer. After a stint in the Management and Cost Analysis organization, I went to the mission assignment function. Worked on high security black programs, then was Air Force rep on Join Service group on combat identification (to work on the friendly fire problem), then as Air Force rep on a joint service task on resolving a security issue with the NSA. Incidently I was sent to the Air Command and Staff College at Maxwell--The only civilian in my class. How many of these positions was I qualified for? Bottom line: When you get stymied by "don't bother me with logic, I go by the book" people you take another approach. Convince someone of your qualifications and that they need you, and let them handle the personnel problem. They have the benefit of being able to elevate the discussion to another level. Good luck. Tom Collins Posted June 10, 2007 5:20 PM
• I thought I might comment on how the short fall of cyber security specialists might be filled. I am a US Air Force Civilian and work for a command that has me concentrating on information security and information management. Unfortunately for me, I am classified as an 0855 Electronics Engineer. Recently, I was seeking a position as a 2210 Information Technology Specialists. To make a long story short, the job description basically described the job I have been doing for that last 4 years so I applied. The Air Force Civilian personnel center stated that I was NOT qualified because I had no experience. After numerous calls to AFPC, I found out that I was not qualified because I did not have a number (2210) in my career brief. Since I am classified as a 0855, I can not do 2210 work that I have been doing for the past 8 years. I believe a system such as this should be dissolved. How many other qualified individuals have been denied a job because of a number in their career brief? Robert Cameron Posted February 24, 2003 4:21 PM