The Center for Strategic and International Studies (CSIS) has released a new report on the human capital issues currently facing the cybersecurity effort in the United States. The report, titled “A Human Capital Crisis in Cybersecurity,” claims the United States is currently facing a crisis in that not enough skilled cyber professionals are available to serve the needs of the nation.
“The problem is both of quantity and quality especially when it comes to highly skilled “red teaming“ professionals,” the report states. “We not only have a shortage of the highly technically skilled people required to operate and support systems already deployed, but also an even more desperate shortage of people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts.”
The report, developed by the CSIS Commission on Cybersecurity for the 44th Presidency, chaired by Lt. General Harry Raduege, Scott Charney, Representative James R. Langevin and Representative Michael T. McCaul and directed by Jim Lewis, offers several recommendations to rectify the problem. These include providing funding for an encouraging the development of cyber programs in schools, provide clear career paths for cyber professionals, develop and adopt rigorous certification processes and use training, hiring and acquisition to raise technical skills.
The Commission also claims the current professional certification programs available are inadequate because “Individuals and employers are spending scarce resources on credentials that do not demonstrably improve their ability to address security-related risks,” the report says. “Credentials, as currently available, are focused on demonstrating expertise in documenting compliance with policy and statutes rather than expertise in actually reducing risk through identification, prevention and intervention.”
View the full report here