Experts in Cyber Security
If anything in particular has been repeatedly demonstrated in the last few months, it’s that the challenges of cyber security and cyber intelligence far surpass the number of skilled professionals and technical solutions available to attend to these issues. Thus it is necessary and urgent that to a new generation of specialists in cyberspace security is encountered and properly educated. Challenges in the public and private sectors are many and not nearly enough sufficiently prepared young people are to be found to face these challenges.
One thing is true: increasingly more companies as well as the federal government need experts that can guarantee the security of vital information by protecting and safeguarding computer networks that host sensitive data, commercial and military strategies, registered brands, and security codes, etc. This requires that new leaders be trained in computer sciences through programs that perfect their aptitudes and teach them how to properly apply the knowledge they acquire to vigilance, detection, analysis, and faster responses to possible infiltrations in their networks.
The field of cyber security presents great and interesting opportunities for collaborations between the public and private sectors. The cooperation between businesses and government is a strategic trick that we must continue to make the most of.
For example, we see this collaboration reflected in the Cyber In-Security Report jointly realized by the Partnership for Public Service, a non-profit organization with it’s headquarters in Washington, and the private company Booz Allen Hamilton. The report, published in 2008, warns that the government and private sector computer networks won’t be able to prevent attacks from foreign countries, criminal organizations, terrorists, and hackers, unless there is a significant increase in the number of cyber security experts. In 2008, this report pressed the United States Personal Administration Office to establish new classifications for government employees in the area of cyber security, and offer a wider variety of professional careers from entry-level positions to the high level officials and managers.
Another program that reflects government cooperation with the private sector is the Internal Security Department’s Scholarship for Service program. Every year the program awards 120 individuals with a university degree in the area of computer security government jobs. This is a step on the right track, but the number of positions and scholarships must be increased, as the Office of Control and Fiscalization’s report indicates.
The Defense Department is one of the departments most affected by cyber attacks and is also one of the departments that serves to benefit the most from this collaboration with the private sector. This department especially needs good experts in computer security, as its secretary, Robert Gates, has made clear. Defense trains 80 candidates per year and Gates plans to raise that number to 250 for the year 2011.
Mixed public-private competitions are another important source for discovering new talents. The Cybernetic Challenge is a three part national competition, with the objective of finding 10,000 American young people with exceptional computer aptitudes. The competition is sponsored by a public-private alliance consisting of the International and Strategic Studies Center; the Institute of Public Politics Research, with their headquarters in Washington; the Department of Defense; the SANS Institute and the Air Force Association. This last sponsor is an independent civil organization dedicated to informing the public about the use of aero-spatial power in national defense and also sponsors the CyberPatriot competition in high schools across the country.
Additionally, the Cybernetic Delinquency Center, a part of the Defense Department, is responsible for the Digital Forensics Challenge, a competition that for high school, university and graduate students. The SANS Institute is in charge of the NetWars web competition, that encourages high school students as well as university and graduate students to compete for points, taking on the role of an analyst, a defender, an attacker, or a combination of the three. Competitors try to protect secure resources from attackers, take control of a web site, or deflect increasingly difficult attacks, with the finality of measuring the vulnerabilities of the simulated network in question.
The best and most promising candidates are offered additional training in the FBI, in the Carnegie Mellon Computer Team Answering Emergencies, in the main laboratories of the Department of Energy Resources, or other entities. This initiative is an extraordinary and demonstration of efficient public-private cooperation.
Those individuals who aren’t American citizens but are interested in participating in these contests can compete, but can’t win the competition or participate in post-competition educational programs. In 2008, the Digital Forensics Challenge included teams from Chad and India. In 2009, the CyberPatriot competition, a contest where competitors protect simulated business networks from attacks, enrolled teams from Japan and South Korea.
These national competitions are valuable because they offer practical, authentic and effective experience to participants, as well as exceptional opportunities for further training, contacts, and future employment. Thus the competitions present an efficient via for hiring, for the government and businesses.
At any rate, there are open questions in cybernetics that need urgent answers, like what strategies should be used to recruit, select, contract and retain much needed cybernetic experts in the government and private enterprise.
Some experts, like Alan Paller, director of research at the Sans Institute, a business specialized in creating computer security, maintains that the industry requires a massive talent search in order to form a body of between 20,000 and 30,000 cyber-security experts. In order to achieve this goal, Alan proposes the organization of “cybernetic camps” at prestigious Universities, like the Polytechnic Institute of the University of New York, in Brooklyn; widening national competitions to discover new talents; offering scholarships in exchange for volunteer work or university coursework in advanced computer security, as well as publicizing desirable job offers.
Another area where vital public-private action is required is in the promotion of computer sciences education throughout primary, secondary and university level schooling. Computer science education and training must be priorities in public service campaigns, but must also be promoted by private enterprise; America’s traditional source of dynamism and rapid-fire answers to the challenges the market presents can also contribute to the training of new cyber-security leaders and help raise the level of security in cyberspace through the promotion of courses and knowledge in math, sciences, new technologies, computer sciences and engineering. We have to get workers and students interested in these disciplines and a great way to do so is through compensation. If private enterprise offers competitive pay and benefits for individuals with this knowledge, more people will be drawn to this field. When a business commits to cyber-security, it makes a long-term commitment to national defense and the creation of wealth and thousands of new jobs for all Americans.
In spite of all this, all available data points to a worrying lack of workers specialized in computer and information technologies, as various reports have warned, including one in The Economist. This shortage exists nationwide despite the fact that it is currently a very important area of employment with a bright future. In times of reorganization in the workplace and economic crisis, it is our obligation and responsibility to consider new jobs and new ways to create wealth. Cyber-security opens the doors to a world of possibilities for men and women across the country.
Once again, the market offers us an answer to supply and demand, this time in employment. A strategic alliance between the public and private sector is key in fomenting cyber-security in the government as well as private enterprise, and is a source of quality, stable jobs with a future.