More than 300,000 cybersecurity job vacancies exist in the United States, says President Donald Trump, on signing an executive order to promote cybersecurity work within the US Government. He said of the vacancies: “They must be filled to protect our critical infrastructure, national defence, and the American way of life. These jobs represent an incredible economic opportunity for America’s workers – and my Administration is working to ensure they have the skills they need to seize it.”
The order requires the US Federal Government to do more to provide access to cybersecurity skills training, to identify the most-skilled cybersecurity workers, and to advance career opportunities in the public and private sectors. It encourages adoption of the cybersecurity workforce framework created by the federal National Initiative for Cybersecurity Education (NICE).
It admits to a ‘shortage of cybersecurity talent and capability’. What the order terms ‘a national Call to Action’ includes training people, and ‘measures that demonstrate the effectiveness and impact of cybersecurity workforce investments’. An annual ‘President’s Cup Cybersecurity Competition’ is proposed, for federal civilian and military employees, to start this year.
For the order in full visit the White House website.
Comments
Laurie Mercer, security engineer at bug bounty company HackerOne, said: “Any company that has tried to hire cybersecurity talent in the past 12 months will know that there is an acute shortage of security skills. It’s good news for those with the skills that the US government is willing to go above and beyond in terms of offering competitive compensation for those with the skills.
However, it’s this supply and demand issue that’s the reason why many forward-thinking organisations are turning to the hacking community to help boost their security defences. These organisations have come to realise that to help discover flaws in online systems they need as many eyes looking as possible. Rather than having one or two people looking for vulnerabilities once or twice a year, these security teams are able to leverage tens to thousands of people with diverse skill sets to continuously perform security assessments throughout the year.
Many federal departments are actually already doing this effectively with Bug Bounty programmes and competitions to incentivise intelligent and passionate hackers to help them find any holes in their systems. Supporting this burgeoning community by offering them the chance to hone their security skills in this competitive manner also supports the growing pipeline of talent for the future as the young hackers of today become the CISOs of tomorrow.”
James Hadley, CEO of Immersive Labs said: “Trump has actually made quite a significant step towards boosting the US government’s cybersecurity workforce and, more importantly, the capabilities of its existing staff. The focus on reskilling professionals and attracting fresh talent to fill the reported 300,000 person-wide gap is definitely along the right lines. But in reality, it’s the effort and resources being put towards upskilling current IT and cyber employees within federal government – and ensuring that they are well-equipped and kept constantly up-to-date on how to handle the latest threats – that will make the biggest impact over the longer term.”
