US in mad dash to build cy­ber­se­cu­rity work­force

The Bradenton Herald (Sunday) - - Nation & World - BY PAULETTE PERHACH

A stun­ning statis­tic is re­ver­ber­at­ing in cy­ber­se­cu­rity: An es­ti­mated 3.5 mil­lion cy­ber­se­cu­rity jobs will be avail­able but un­filled by 2021, ac­cord­ing to pre­dic­tions from Cy­ber­se­cu­rity Ven­tures and other ex­perts.

“It’s scary. Our power grid, our cars, our ev­ery­day de­vices – ba­si­cally ev­ery­thing is on­line and able to be at­tacked,” said Ge­or­gia Wei­d­man, au­thor of “Pen­e­tra­tion Test­ing: A Hands-On In­tro­duc­tion to Hack­ing.” Wei­d­man is the founder of two cy­ber­se­cu­rity com­pa­nies, Bulb Se­cu­rity, where she is chief ex­ec­u­tive, and Shevi- rah, where she is chief tech­nol­ogy of­fi­cer. She­vi­rah spe­cial­izes in se­cu­rity for mo­bile de­vices.

“It would cer­tainly cause mass de­struc­tion if our power grid went down or our wa­ter pumps started go­ing hay­wire or our dams de­cided to open all their sluices,” she said. “That’s ac­tu­ally some­thing that could hap­pen.”

Ac­cord­ing to a re­port re­leased this year by the Iden­tity Theft Re­source Cen­ter, the num­ber of data breaches tracked in the United States in 2017 hit a high of more than 1,500, up al­most 45 per­cent over 2016. In one in­ci­dent this year, the data of 29 mil­lion Face­book users was stolen.

In re­sponse to the sheer num­ber of new dig­i­tal gates that might be left open, em­ploy­ers and ed­u­ca­tors have had to be­come more cre­ative in find­ing peo­ple to guard them.

They need pen­e­tra­tion testers to sim­u­late at­tacks to find and fix vul­ner­a­bil­i­ties that could be ex­ploited by a real at­tacker.

They need mal­ware an­a­lysts to find out what ma­li­cious pro­grams do so they can pro­tect from the at­tacks.

They need se­cu­rity re­searchers to dis­cover new vul­ner­a­bil­i­ties in ap­pli­ca­tions and other prod­ucts – be­fore the thieves do – so they can be fixed. They need se­cu­rity ar­chi­tects to make sure all the best prac­tices are be­ing fol­lowed.

Ac­cord­ing to the chief econ­o­mist for LinkedIn, Guy Berger, there was a short­age as of Septem­ber of 11,000 peo­ple with cy­ber­se­cu­rity skills in the San Fran­cisco Bay Area, 5,000 in New York and al­most 4,000 in Seat­tle, the ar­eas with the largest con­cen­tra­tion of need. LinkedIn reg­u­larly is­sues work­force re­ports based on its anal­y­sis of jobs data in the United States.

Some ma­jor cor­po­ra­tions have openly taken to hir­ing hack­ers to help pro­tect them. An ex­treme ex­am­ple is Kevin Mit­nick, who hacked into cor­po­ra­tions, landed on the FBI Most Wanted Fugi­tives list and went to jail for five years, but is now a se­cu­rity con­sul­tant to For­tune 500 com­pa­nies and gov­ern­ments. As he says on his web­site about hack­ers, “It takes one to know one.”

Many com­pa­nies are also putting less em­pha­sis on the need for a col­lege de­gree to qual­ify for a cy­ber­se­cu­rity job, Wei­d­man said. With an un­der­grad­u­ate de­gree in math­e­mat­ics from Mary Bald­win Col­lege in Staunton, Vir­ginia, and a mas­ter’s in com­puter sci­ence from James Madi­son Univer­sity in Har­rison­burg, Vir­ginia, Wei­d­man said she had seen how much hands-on ex­pe­ri­ence re­ally mat­tered in the cy­ber­field. That in­sight came early when she par­tic­i­pated in the Na­tional Col­le­giate Cy­ber De­fense Com­pe­ti­tion as a stu­dent.


Shamla Naidoo, sec­ond from left, global chief in­for­ma­tion se­cu­rity of­fi­cer for IBM, has had suc­cess reach­ing out to moth­ers re­turn­ing to work, as well as to mil­i­tary vet­er­ans, to find po­ten­tial cy­ber­se­cu­rity work­ers.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.