Virginia turns attention to the cyber talent shortage
- By Derek Major
- Dec 04, 2015
Virginia Gov. Terry McAuliffe is aiming to make cybersecurity an economic pillar in his state -- but to do so, he'll need to find a lot more trained and talented workers.
“I am dead set in making Virginia the leader of cybersecurity; we have about 17,000 open cyber jobs in the state right now that we need to fill.” McAuliffe said at the inaugural Commonwealth Conference on Cyber and Education. “So we are training those cyber warriors of the future, because if we don’t, those companies will go elsewhere.”
The Dec. 2 conference featured several panels, including one with officials from private-sector cybersecurity companies and another with officials from the public sector. Among the topics discussed were the reasons behind the large number of cyber positions available.
Bradley Schwartz, the president and CEO of the Blue Canopy Group, warned that the industry is just seeing the start of the worker shortage when it comes to open positions.
“There are currently 25 job openings for every qualified candidate, meaning we are scratching a dry well,” he said. “So we do have a crisis today, but as everyone has been talking about, this problem it’s getting a lot worse ... the crisis is still coming.”
John Wood, the CEO and chairman of the Telos Corp., said the lack of effort by government and private companies alike to get younger people interested in cyber careers has led to a tug-of-war over a very small pool of talent.
“When we talk about this problem of lack of a workforce, the big issue … is that we take from each other, as opposed to expanding and getting more people interested in the whole notion of the field,” he said.
“What I think we need to do is expand the number of people that are actually interested in some basic things: applied mathematics, coding -- just math and science in general,” Wood added. “So what we’ve started doing is reaching out to academic institutions and creating partnerships with them.”
Wood said Telos has formed partnerships with Department of Homeland Security’s Science and Technology Directorate, George Washington University and MIT to give its interns access to new technologies that have been developed but that scientists have not yet figured out how to apply or commercialize.
SAIC CIO Bob Fecteau added that agencies and private companies must start looking at college students who have acquired certificates but who are still working on their degrees.
“I think a certificate is the start," he said, explaining how to move candidates from entry-level to more senior cybersecurity positions. "I think we have to create a really strategic pathway that starts off with a certificate, [then] we start working in the network security operations center watching logs. From that we start to move up and develop protection plans, governance plans and structures that get delivered that people can actually use.”
Wood agreed with Fecteau, and noted that agencies and companies need to scale back their qualifications for positions to acquire younger talent.
“One of the great things that is happening in the field is that we’re starting to accept certifications,” Wood said. “Typically what happens in the government when you’re trying to fill positons is they’ll say things like you need a bachelor’s degree plus five years -- well, there aren’t that many people who have that kind of capability, certainly not returning veterans or recent graduates. But if we can get them certifications, I think that’ll expand the workforce.”
Community colleges are trying to play a big part in filling those open vacancies, as many are now offering classes that allow students to get the training necessary for certifications. High schools, meanwhile, have started introductory courses to coding in an effort to get students interested at an earlier age.
Barry Barlow, the senior vice president and CTO of Vencore, believes that much of the cyber workforce will come from community colleges in the near future.
“At least from a staffing standpoint, we’re going to see a shift and as much as 40 percent of the cyber workforce will be graduates of community colleges with certificates," he said. "We think there’s a way to leverage that.”
And Richard Hale, the Defense Department's deputy CIO for Cyber Security, said there needs to be an easier path for cyber workers who want to move in and out of the government sector throughout their careers. People who leave government, he said, rarely come back.
“I think as government we need to grow our own workforce and keep them, but we also have to figure out an easier way to go in and out of government,” Hale said. “We don’t have to attract everybody at the beginning of their career and keep them. We like to do that, but we’d also like for a person to go out of government and come back in with as little friction as possible.”
Derek Major is a former reporter for GCN.