By Tom Still
In the (first) Cold War, Americans worried about nuclear
attack and a retaliatory Armageddon that would have reduced the world to a
Then came the terrorist attacks of Sept. 11, 2001, when a
small group of suicidal zealots turned hijacked airplanes into bombs.
Today’s weapons of choice for those who would attack U.S.
interests are Trojan horse programs, denial-of-service attacks and
password-cracking tools used to steal or corrupt digital data.
Not every foreign power can bankroll a full-fledged
military, but it appears everyone can afford a room full of hackers.
The alleged North Korean cyber-attack on Sony Pictures
Entertainment was a reminder that foreign “hacktivism” not only aims to disrupt
national security interests, but economic and cultural stability, as well.
Sony initially scrapped the Christmas Day premiere of “The
Interview,” a comedy about a plot to assassinate North Korean leader Kim
Jong-un, following a hacking attack on the company and threats against cinema
chains that planned to screen the film. Sony’s decision drew criticism from
Hollywood to the White House, and the company approved a release that bypassed
the traditional curtain-raising in theaters.
Everyone loses when hackers from outside our borders can rob
us of cherished principles like the First Amendment to the U.S. Constitution,
or valuable lists of customer accounts stolen from major retailers and
financial service institutions. Such cyber-attacks can undermine national
security just as surely as those carried out directly against defense and
homeland security targets.
According to reports by the FBI and other sources, the list
of foreign hacktivist groups is long and getting longer. They include People’s
Liberation Army Unit 61398 in China, the Syrian Electronic Army, APT28 in
Russia and similar groups in nations ranging from Tunisia to Thailand, and from
Iran to ISIS. The United States is home to criminal hackers, as well, whose
main focus appears to be cracking into corporate cyber-vaults.
Having the right people in place to defend against such
attacks has become a major cost, and recruitment challenge, for businesses in
Consider Wisconsin’s major business sectors: They include
financial services, insurance, health care and retail chains, all of which can
be prime for cyber-attacks. And yet, most C-level leaders in those sectors
would admit there aren’t enough trained hackers of the honest variety to go
That problem deserves attention in Wisconsin, which is
behind the curve in producing, attracting and retaining the kind of
cybersecurity talent needed by companies and institutions of all sizes.
For starters, private companies aren’t just competing among
themselves for talent. The federal government is the largest single employer
cyber-security experts. The Department of Defense alone expects to increase its
cyber-fighting workforce to more than 6,000 employees by 2016, making it one of
the largest such forces in the world. Defense contractors employ large numbers
of developers and technical staff with cyber-expertise, as well.
The global demand for people with cyber-security skills is
forecast to grow at about 13 percent per year for at least the next three
years, according to the Global Information Security Workforce. A recent RAND
report, “H4cker5 Wanted: An Examination of the Cybersecurity Labor Market,”
confirmed the shortage and noted: “… educating, recruiting, training and hiring
these cybersecurity professionals takes time.”
Filling the workforce void in Wisconsin begins with
producing more students with computing skills, especially in the emerging world
of data science. Data scientists bring a combination of math, computational and
analytical skills to the job. Starting salaries for these positions are
substantial, sometimes in the six-figure category. In 2011, McKinsey & Co.
estimated there will be roughly 150,000 unfilled data analytics expert
positions by 2018.
Speaking Thursday in Madison at a Wisconsin Bankers
Association event, the president of the Federal Reserve Bank of Boston noted
that jobs in cybersecurity are netting top dollar nationally, even if some
other professions within the broad field of information technology are not.
So, what’s being done? The talent shortage is being
discussed within state agencies and academic institutions, and organizations
such as the Wisconsin Security Research Consortium are also making the case
that more must be done to close the talent gap. The magazine “Science”
published a report Thursday on Wisconsin’s efforts.
Cyber-attacks do much more than shut down movie theaters.
They threaten national security and cost businesses and the economy hundreds of
billions of dollars per year. Workforce development in Wisconsin should mean
more than preparing people for the skilled trades. It should include building a
workforce for the digital age.