Alec Ross, senior advisor for innovation at the State Department, has a piece of advice for students tasked with the nerve-rattling dilemma of choosing a college major.
“If any college student asked me what career would most assure thirty years of steady, well-paying employment,” said Ross, “I would respond, ‘cybersecurity.’”
That’s because cybersecurity is a field where the rules of the recession seem flipped: There’s plenty of jobs, but relatively few qualified applicants.
The government needs to hire at least 10,000 experts in the near future and the private sector needs four times that number, according to Tom Kellermann, vice president at Trend Micro and former member of President Obama’s cybersecurity commission. Booz Allen Hamilton, a private security firm in Mclean, has hired nearly 3,000 cybersecurity experts in the past two years, and that trend is expected to continue.
Cyberattacks generally come in two varieties: state-sponsored intellectual capital theft and strikes against critical digital infrastructure, such as power grids or banking systems.
Both kinds are being carried out thousands of times a day. No one knows the precise cost; some experts put the dollar figure in the billions and others say it could reach hundreds of billions or more. Defense Secretary Leon Panetta has said that the threat of cyberattacks against infrastructure targets keeps him up at night, and former National Security Agency director Mike McConnell recently warned that the U.S. government isn’t equipped to detect and deflect a catastrophic attack.
“We’re going to have a catastrophic event [in cybersecurity]. Some of these tools already being built are going to leak or be sold or be given to a group that wants to change the world order and we’re incredibly vulnerable at the infrastructure level,” said Mike Mullen, former Chairman of the Joint Chiefs of Staff.
How can the government become better prepared? It needs more “white hats” – the good guys of the Internet, experts say. But not enough digital experts are entering the cybersecurity field to meet the ever-growing demand.
“It’s tough going out there,” said Edwin Kanerva, vice president at Booz Allen Hamilton. “Every company in [the area] is looking for the same thing. There’s just not enough of them. The gene pool is small.”
Recruiters for the company visit colleges across the country, but that may not be enough: According to a 2009 study from the Georgetown University Center on Education and the Workforce, college graduates earning degrees in computers and mathematics represented just shy of six percent of all graduates. Of those, only 36,500 of them, or two percent, earned a degree directly related to cybersecurity.
Why is that percentage so low? Kanerva said that many college students who train in Computer Science are attracted to fields other than security, such as software development or computer engineering, which are considered more hip and can sometimes offer six-figure starting salaries. The median salary for a graduate earning a degree in security was $55,000 in 2009 compared to $75,000 for computer engineering. Besides, who can resist the ultra-cool appeal and money-making potential of Silicon Valley?
“All of the big corporations – the Googles, the Microsofts, the Oracles – all have offices on campus and they’re in competition one another and with us. It’s difficult to compete with that as a defense contractor or security firm and convince Johnny or Mary to come to central Maryland and work in government.”
The key to training more cybersecurity experts, Kanerva believes, is exposing kids to STEM education – science, technology, engineering and mathematics – as well as add some cybersecurity training in high school.
“I think we need to get kids interested,” said Kanerva. “Kids get basic computer knowledge because they’re video game geeks. They sit at home with a PlayStation 3 and learn the basics without even realizing they’re learning.”
The U.S. government also recognizes the need for more STEM education.
No comments:
Post a Comment