There has been no shortage of research materials over the past year that point to a fear among government and private industry leaders that the U.S. does not have the needed numbers or proper skillsets in its cybersecurity workforce and could feel some consequences as a result.
One survey from Raytheon and the National Cyber Security Alliance said almost half of respondents aged 18-26 — “millennials” — claimed no cyber education programs or activities were available to them, while Intel Security and the Center for Strategic and International Studies found more than two-thirds of information technology executives said low IT security staff sizes made organizations at risk for “direct and measurable damage” and “desirable hacking targets.”
A key aspect for government and business to consider is helping prospective cyber workers understand viable career paths in the field through both education programs and in-career training initiatives, according to Roger Mason, senior vice president for national security and intelligence at Noblis and a former assistant national intelligence director for systems and resource analyses.
“Post-college training requires a mixture of applied development and on-the-job skills in order to make a difference there. And, you have to think about the lifecycle of the cyber workforce from recruitment on the front end through retention and career progression. There are different generational aspects we should be mindful about in terms of how best to approach workforce development,” Mason said.
Mason spoke to ExecutiveBiz on the heels of his July 26 appearance at the International Conference on Cyber Security in New York City to give other leaders in the public, private and academic sectors his perspective on the computer security environment and to offer a definition of what he called the “cyber threat analyst tradecraft.”
That tradecraft, he told ExecutiveBiz, can be broken out into two skillsets: first the ability to see the larger picture of the threat environment, and second to both identify patterns and understand trends in data acquired by machines.
“You don’t need a cyber threat intelligence analyst to do tactical monitoring of your network. You do need them to get the context of why an organization is getting persistent attacks and what the attacker is looking to gain,” Mason said.
Machines and other technology platforms have largely taken over the job of threat data collection and that has shifted the cyber analyst’s job to one that looks for common threads in the information, according to Mason.
“Cyber intelligence tradecraft is rooted in the traditional cycle of tasking, collection, processing, exploitation and dissemination,” Mason said.
“The trick is doing it at ‘cyber’ speed commingled with those who defend the networks everyday.”