Page 5 - index
P. 5
20%-'2(%-)-' %#30)27
By Alan Paller
The need to strengthen our nation’s information security has never been more critical or
more urgent. Yet, the flow of cyber talent into key technical jobs in industry and government
remains dangerously inadequate.
The current and future shortage of skilled professionals in cyber security is well documented,
yet we have been slow to embrace innovative ways to build a faster, more effective pipeline
of skilled talent. This leaves businesses and governments with little choice but to compete
for the same, inadequate pool of talent, raiding each other’s knowledge and capacity.
The results are sobering. Recruiting costs increase as HR departments are forced to over-
invest; Security levels are made unstable as organizations are too often in transition due to
turnover. And the pace of genuine advancement in the information security industry is
slowed and risks becoming stagnant.
We need a better approach.
A recently announced public/private partnership is showing real promise. Its participants
include two federal agencies - NSA and the US Army’s Intelligence and Security Command
(INSCOM) - and sixteen businesses: 3 banks (Citi, JPMorgan Chase, and Branch Banking &
Trust Co.) plus FINRA, a large power company (NIPSCO), media leaders including both
CBS and NBC Universal/Comcast, and key security product and service providers (Juniper
Networks, Accenture, KPMG, Pricewaterhouse Coopers, Ernst & Young, Solutionary,
Palantir, Stroz Friedberg and STIGroup). These organizations worked together to create the
National Cybersecurity Career Fair (NCCF), a cost-effective, innovative way for employers,
job seekers, and the industry to connect the right people, to the right jobs, in the right
companies. The effort, supported by Cyber Aces, a national cyber security nonprofit, the
SANS Institute, the Council on CyberSecurity, (ISC)², US Cyber Challenge, and the Center
for Internet Security, launched on June 18-19 and became the United States’ largest virtual
cyber security job fair.
NCCF quickly brought over 4,000 qualified applicants—veterans, students, career changers
and cyber security practitioners—to one central, virtual place. Each of the jobseekers had
completed training and/or certification programs through Cyber Aces, SANS, US Cyber
Challenge, and (ISC)² or had cyber security experience. These newly trained (or
discovered) talented new workers are a promising source of talent to meet the nation’s
needs. For the jobseekers, the fair was a one-stop shop for access to important cyber
security employers and job openings.
A key innovation of the NCCF allowed the candidates to prove their skills and better navigate
the cyber security industry, giving them the tools and network to continue job searches long
after the event. Each jobseeker was allowed to take the SANS CyberTalent Exam (at no
cost), which measures their skills and capability across five information security domains.
This was a unique opportunity for job seekers to demonstrate their skills to potential
employers. Assessments like the SANS CyberTalent Exam offer employers the opportunity
! " $
! # ! "