In the (first) Cold War, Americans worried about nuclear
attack and a retaliatory Armageddon that would have reduced the world to a
Then came the terrorist attacks of Sept. 11, 2001, when a
small group of suicidal zealots turned hijacked airplanes into bombs.
Today’s weapons of choice for those who would attack U.S.
interests are Trojan horse programs, denial-of-service attacks and password-cracking
tools used to steal or corrupt digital data.
Not every foreign power can bankroll a full-fledged
military, but it appears everyone can afford a room full of hackers.
The alleged North Korean cyberattack on Sony Pictures
Entertainment was a reminder that foreign “hacktivism” not only aims
to disrupt national security interests, but economic and cultural stability, as
Sony initially scrapped the Christmas Day premiere of
“The Interview,” a comedy about a plot to assassinate North Korean leader
Kim Jong Un, following a hacking attack on the company and threats against
cinema chains that planned to screen the film. Sony’s decision drew criticism
from Hollywood to the White House, and the company approved a limited
Read this column in the Milwaukee Journal Sentinel here.
Everyone loses when hackers from outside our borders can
rob us of cherished principles like the First Amendment to the U.S.
Constitution, or valuable lists of customer accounts stolen from major
retailers and financial service institutions. Such cyberattacks can undermine
national security just as surely as those carried out directly against defense
and homeland security targets.
According to reports by the FBI and other sources, the list
of foreign hacktivist groups is long and getting longer. They include People’s
Liberation Army Unit 61398 in China, the Syrian Electronic Army, APT28 in
Russia and similar groups in nations ranging from Tunisia to Thailand, and from
Iran to ISIS.
The United States is home to criminal hackers, as well,
whose main focus appears to be cracking into corporate cyber vaults.
Behind the curve
Having the right people in place to defend against such
attacks has become a major cost, and recruitment challenge, for businesses in
Consider Wisconsin’s major business sectors: They include
financial services, insurance, health care and retail chains, all of which can
be prime for cyberattacks. And yet, most C-level leaders in those sectors would
admit there aren’t enough trained hackers of the honest variety to go around.
That problem deserves attention in Wisconsin, which is
behind the curve in producing, attracting and retaining the kind of
cybersecurity talent needed by companies and institutions of all sizes.
For starters, private companies aren’t just competing among
themselves for talent.
The federal government is the largest single employer of
cybersecurity experts. The Department of Defense alone expects to increase its
cyber-fighting workforce to more than 6,000 employees by 2016, making it one of
the largest such forces in the world. Defense contractors employ large numbers
of developers and technical staff with cyber-expertise, as well.
The global demand for people with cybersecurity skills is
forecast to grow at about 13% per year for at least the next three years,
according to the Global Information Security Workforce. A recent RAND report,
“H4cker5 Wanted: An Examination of the Cybersecurity Labor Market,”
confirmed the shortage and noted: “…educating, recruiting, training and
hiring these cybersecurity professionals takes time.”
Closing the talent gap
Filling the workforce void in Wisconsin begins with
producing more students with computing skills, especially in the emerging world
of data science.
Data scientists bring a combination of math, computational
and analytical skills to the job. Starting salaries for these positions are
substantial, sometimes in the six-figure category. In 2011, McKinsey & Co.
estimated there will be roughly 150,000 unfilled data analytics expert
positions by 2018.
Wisconsin is one of only seven states lacking a training
program used by the Department of Homeland Security and the National Security
Known as the National Centers of Academic Excellence in
Information Assurance and Cyber Defense, there are about 100 such outlets
nationwide. The program encourages the teaching of cybersecurity and building a
pipeline of professionals, not only for the government but for other sectors.
So, what’s being done?
The talent shortage is being discussed within state
agencies and academic institutions, and organizations such as the Wisconsin
Security Research Consortium also are making the case that more must be done to
close the talent gap.
Cyberattacks do much more than shut down movie theaters.
They threaten national security and cost businesses and the economy hundreds of
billions of dollars a year.
Workforce development in Wisconsin should mean more than
preparing people for the skilled trades. It should include building a workforce
for the digital age.