October, as you may know, is Cyber Security Awareness Month. The event is sponsored by the Department of Homeland Security, which means that Cyber Security Awareness Month is affected by the government shutdown.
Luckily, the event has taken off since its inception and other organizations are instituting cyber security awareness programs. That’s the great news. The not-so-great news is the shortage of “cyber warriors” to stand on the front lines of cyber security.
I’ve written about this security professional shortage before, of course. Even as more universities are stepping up cyber security education programs, there is still a lack of good, trained security professionals in the private sector – and even fewer in the public sector. As SourcingFocus.com put it:
The limited talent has created a bidding war as companies seek to attract talent, with private enterprises able to poach skilled staff away from public sector departments.
Now the concern is that the shutdown will do even more damage to the already weak government cyber security force. Mike Carpenter, President for the Americas at McAfee, was quoted in a Washington Post article:
[T]he reason that someone would come to work for the government is most importantly support of the mission, but the second piece if you surveyed them would be about stability. I think the shutdown creates a bit of a gap in that belief about job security. With the shortage of workforce that you have and the demand you have for a cybersecurity workforce, I think it's going to open up some of the more talented cybersecurity experts to look at public versus privacy industry roles.
I haven’t touched on the shutdown’s effect on national cyber security efforts because I’ve been really hoping that it would only last a couple of days, no more than a week. Obviously, I was wrong. However, Carpenter makes a good point about how the shutdown could affect long-term national cyber security, and we have to pay attention. Here is the perfect reason why we have to make sure cyber security professionals will want to come to work in the public sector, courtesy of a panel that appeared at POLITICO’s Cyber 7 event:
Whatever happens politically over the rest of the year, the cyberthreat is already dangerous and becoming more so, the panelists said. Richard Bejtlich, chief security officer of Mandiant, said there has been no letup in the Chinese hacking threats that his company tracks, nor any shortage of dedication by Beijing to continue to try to exploit American and international networks.
Our government may be shut down, but the bad guys of the world are not, and they stand ready to attack.