5 takeaways from the White House cybersecurity workforce discussion – Security Intelligence

4 minutes, 43 seconds Read

5 takeaways from the White House cybersecurity workforce discussion

The Office of the National Cyber Director (ONCD) recently hosted a 3-hour discussion on creating a strong cybersecurity workforce; the results are enlightening. The session involved representatives from more than 30 public and private organizations spanning 12 industries.

The ONCD advises the United States President on cybersecurity policy and strategy. Its mission is to advance national security, economic prosperity and technological innovation through cybersecurity policy leadership.

“In our increasingly digital world, where cyber threats are growing more frequent and more sophisticated, we need great cyber talent in every sector of our economy, and we need them in every community across our nation,” said National Cyber Director Harry Coker, Jr. while leading the discussion.

Here are five key takeaways from that event.

1. Cybersecurity isn’t just for tech sectors

As Coker noted in his opening statement, cyber talent is needed by all sectors and communities. It’s no longer contained within the tech community or even within tech-forward companies like finance and retail. Every organization, from large global players to the small business community, faces threats. That means they all need a strategy for cybersecurity threat detection and response.

2. Skills-based hiring opens the field, draws in the underrepresented

Speakers at this assembly noted that there are a half million unfilled cybersecurity roles right now. “We need to adapt faster; we need to open our doors wider,” said Loren DeJonge Schulman, Associate Director of Performance and Personnel Management for the Office of Management and Budget. Traditional hiring focuses on education and experience. Skills-based hiring may remove four-year degree requirements, focusing on competencies instead. For example, an applicant might not have a degree in computer science but may understand how to set up and deploy a cloud platform or use AI and machine learning models.

3. Partnerships yield results

This meeting showed the symbiosis between students who want to learn and opportunities to put that learning into practice. Representatives from Glendale Community College attended the discussion. That college maintains a live security operations center (SOC) where paid interns learn to monitor partnering rural municipalities at no cost. This provides the interns with over 300 hours of competency-based experience as a SOC analyst or engineer while delivering a service to small local governments that may not have the budget or team members to address security concerns internally. As Jiwon Ma, Senior Policy Analyst at the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, noted that often in smaller organizations, “People just don’t have the time or the capacity to dedicate their jobs to cybersecurity, and these are very likely rural and small utilities.”

4. Focus beyond career entry to sustaining a career long-term

Chris Novak, Senior Director of Cybersecurity Consulting with Verizon, described his experience: “One of the challenges that we historically saw was someone would get to a certain point, and if they could not figure out what the next step in their career looked like, that often would mean an exit.” To address this, Verizon began to map all of their roles and their required skills. Now, he says, “Individuals in pretty much any role can figure out how they map from a role that they’re in now to other roles in the company.”

5. The cybersecurity talent shortage is a national security issue

Kris Lovejoy, Global Practice Leader, Security and Resiliency with Kyndryl, arrived at the core of why a prepared cybersecurity workforce is so essential: “This isn’t just about creating good-paying jobs. We’ve got a national security issue that we have to address. The reason we’re here is because we recognize we have to put more people into the pipeline so that we can secure our infrastructure.”

Read more about the risks of the current cybersecurity talent gap and how to address it within your organization.

More from News

CISA warns about directory traversal vulnerabilities

3 min readOn May 02, 2024, CISA and the FBI released a Security by Design alert to all software manufacturers and customers regarding an ongoing security vulnerability associated with “directory traversal” (also known as path traversal) in the software design process.The software industry has already documented directory traversal vulnerabilities in the past, as well as identified practical approaches to eliminate these vulnerabilities entirely over the next two decades. However, many software manufacturers have still not addressed those issues and are continuing to…

What will a TikTok ban mean for U.S. cybersecurity?

3 min readPresident Joe Biden signed a bill on April 24, 2024, giving Byte Dance, the Chinese parent company of TikTok, two options: sell TikTok within nine months or face a ban on the app in the United States.The bill comes after years of concerns that the app increases cybersecurity risk. In March 2024, the House passed a bill banning TikTok, but it was not passed by the Senate. However, in April, Speaker Mike Johnson included the House TikTok bill into a…

Version 2 of the National Cybersecurity Strategy and Implementation Plan has been released

3 min readIn March 2023, the U.S. administration released the first National Cybersecurity Strategy Implementation Plan (NCSIP). This was presented as a government action plan consisting of 27 strategic objectives prioritizing critical initiatives to protect national security from ongoing cyber threats.Recently, 31 initiatives have been added to this plan, and a number of federal agencies have been identified to lead these efforts moving forward.Goals of the National Cybersecurity Strategy Implementation PlanThe NCSIP outlines several critical implementation actions to improve the U.S. national…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.

Subscribe today

This post was originally published on 3rd party site mentioned in the title of this site

Similar Posts