In order to combat a cyber workforce shortage, the traditional U.S. education system needs to be revamped to better align with cybersecurity needs, according to testimony at a House Subcommittee on Cybersecurity and Infrastructure Protection hearing.
“Simply put, cybersecurity professionals are not produced by the education system in the United States in the quantities or the correct soft skills that are needed,” said David Jarvis, Security and CIO Lead at the IBM Institute for Business Value.
“Cyberattacks are growing in frequency and sophistication,” said subcommittee Chairman John Ratcliffe, R-Texas. “But the availability of qualified cybersecurity professionals to deal with these challenges is simply not keeping pace.”
The U.S. is facing a resource constraint when it comes to a cyber workforce. Currently, there are 200,000 unfilled security jobs and this number is expected to grow by 58 percent in 2018. New technology continues to emerge at an extremely quick pace, and as new technology increases so does vulnerability to a cyberattack: The two move in parallel.
Jarvis provided insight on P-TECH–a model IBM is using to prepare students for work in cybersecurity. The model pairs high school students with a career mentor and allows them to earn an associate’s degree while still in high school.
Hearing participants also addressed the need for more available apprenticeships and on-the-job training in cybersecurity. Industry leaders must expand their apprenticeship offerings and look closely at their hiring practices to ensure their specifics are not driving away talent, they said. Education can assist by creating a standard of knowledge for all cybersecurity education to ensure talent is learning the necessary skills.
Lastly, it is mission critical the cyber workforce diversify. Currently only 11 percent of the cyber workforce is made up of women and less than 12 percent are minorities.