Efforts within the U.S. to grow its public- and private-sector cybersecurity workforce and overcome the current talent shortage in this space are in need of "immediate and sustained improvements," according to a newly issued government report.
In compliance with a 2017 presidential executive order, the Department of Commerce and the Department of Homeland Security last week jointly released the report, in which they share their assessment of recent initiatives to educate, train and grow American's cybersecurity talent pool. The agencies cited multiple deficiencies in this regard, including a lack of relevant cybersecurity education programs in the corporate world; a shortage of cyber-savvy teachers across all levels of education; prohibitive and inefficient hiring/onboarding practices; and a lack of reliable data on cybersecurity workforce position needs.
To combat such issues, the report's authors have recommended developing an "ambitious vision and action plan-of-attack;" executing a "high-profile national Call to Action" to mobilize workers toward cyber needs; attracting more women, minorities, veterans and young students; budgeting for high-quality education and workforce development programs; and providing cyber training to employees in traditionally non-cyber roles;
The report also recommends that both private and public-sector organizations take steps to improve their learning environments, align education and training efforts with their cybersecurity workforce needs, and establish metrics and tools that help evaluate the effectiveness of their cyber workforce investments.
As further proof of America's ongoing shortage in cyber talent, new statistical findings show that there were 301,873 cybersecurity job openings in the U.S. in the 12-month span from April 2017 and March 2018.
Of these openings, 13,610 were in the public sector, according to numbers issued today by CyberSeek, a free cybersecurity career and workforce resource, and a joint development of technology industry association COmpTIA and labor market analytics firm Burning Glass Technologies. Moreover, 194,224 openings were in the category of "Operate and Maintain" -- meaning jobs involving the support, administration and maintenance of IT systems, as opposed to strictly cyber roles.
During this same time span, the total number of employed members of the U.S. cyber workforce was 768,096. That means for every cyber job opening, there were only 2.5 filled cyber positions, compared to 6.5 filled positions per job opening when looking at all fields of work.
CyberSeek further reports that the metro areas with the largest absolute number of cyber job openings in the aforementioned time period were Washington D.C. (43,200), New York (19,993) and Chicago (11,464).
"The cybersecurity talent shortage is widespread, impacting all 50 states," said Matthew Sigelman, CEO at Burning Glass Technologies, in a press release. "In every state, the employed cybersecurity workforce would have to grow by over 50 percent to align with the market average supply and demand ratio."
CyberSeek is also a partner with the National Initiative for Cybersecurity Education (NICE), an initiative from the Commerce Department's National Institute of Standards and Technology (NIST).