Cybersecurity labor shortage likely to end, eventually, for US government

One of the biggest cybersecurity challenges facing the United States today is the shortage of skilled professionals within government agencies. Cyberterrorists and other cybercriminals are multiplying and becoming increasingly sophisticated in their efforts to steal sensitive government data and damage important U.S. infrastructure. Numerous leaders agree that the U.S. government needs to significantly boost its active cybersecurity experts to counter these growing threats.

A recent report from the RAND Corporation, a nonprofit research organization, suggests that the government is making progress in this area. However, the report also made clear that this will be a time-consuming effort, and that the skills gap will remain a problem for quite a while.

Cybersecurity pros wanted
The study, "Hackers Wanted: An Examination of the Cybersecurity Labor Market," revealed that the need for these professionals is pressing, but the public sector struggles to compete with the opportunities offered by private companies.

"It's largely a supply-and-demand problem," said Martin Libicki, lead author of the study and senior management scientist at RAND, ECN Magazine reported. "As cyberattacks have increased and there is increased awareness of vulnerabilities, there is more demand for the professionals who can stop such attacks. But educating, recruiting, training and hiring these cybersecurity professionals takes time."

Libicki explained that the demand for cybersecurity professionals has outpaced supply ever since 2007, when reports of hacking attacks became commonplace. Both the public and private sector recognized these threats and began to seek out cybersecurity professionals to protect their sensitive assets. Generally, though, private companies have had more to offer to the most talented professionals in this field.

Talent incoming
Yet while these factors have hampered U.S. cybersecurity efforts thus far, there is reason to believe that the situation will soon change. The report concluded that the most important steps for addressing the government's cybersecurity personnel needs have already been taken. However, it will take quite a long time for these efforts to pay off, as Dark Reading reported.

"It takes a while for someone to get proficient," said Libicki, the news source reported. "You might dangle a carrot in front of someone in 2010, but they won't be able to chew it until 2015."

Once this next generation of cybersecurity professionals enters the workforce, the greater supply may make the government better able to compete with private sector salaries. Until that time, though, cybersecurity remains a major issue for government agencies.

Interim efforts
For the meantime, though, the RAND report suggested that the U.S. government, and other large organizations, have successfully managed to fend off the worst aspects of cybercrime despite their lack of sufficient numbers of dedicated cybersecurity professionals. To a significant extent, this strategy has boiled down to finding latent talent within agencies' workforces.

The study explained that many agencies conduct aptitude tests along with their IT security training, and in the process they have found personnel who, while not professional cybersecurity professionals, have sufficient expertise to help their departments improve in this area.