Cybersecurity Workforce Gap Challenges New CISA Director

In her first major speech since taking office last month, Cybersecurity and Infrastructure Security Agency Director Jen Easterly called for the cybersecurity community to help the nation overcome the cybersecurity workforce shortages.

“I believe we need to be much more ambitious about [the skills gap] and be innovative about figuring out how to inform, educate and really inspire the next generation of cybersecurity professionals,” Easterly said, speaking virtually on Aug. 5 at the annual Black Hat conference. “If you’re interested in joining us, we encourage you,” she said. “My goal is to breathe new life into … public-private operational collaboration.”

Department of Homeland Security Secretary Alejandro Mayorkas, who also spoke virtually at Black Hat, said DHS is close to launching a new Cyber Talent Management System. This initiative…will give us more flexibility to hire the very best cyber talent and ensure we can compete more effectively with the private sector,” Mayorkas said. “It’s taken too long to get here, but we are proud to have gotten this hiring effort over the finish line. Developing a top-tier, diverse cybersecurity workforce will remain a priority for us at DHS and the federal government.”

The renewed focus on the cybersecurity skills gap is no surprise given the volume and sophistication of recent attacks against the government and critical infrastructure operators. Unfortunately, the cybersecurity industry has created an untenable situation for the skilled professionals who staff today’s security operations centers. High stress and excessive job turnover are endemic among security analysts, who continue to be in high demand and short supply. In a survey conducted by the Cyentia Institute, more than 25% of security analysts expressed dissatisfaction with their current position and one-third were currently looking for another job. Tellingly, 28% had never stopped an actual intrusion or couldn’t remember having done so.

The lesson is clear: There’s an overwhelming need to better allocate the one resource – human attention – which is of the highest value and in the shortest supply in today’s security operations programs. Enabling security analysts to become more effective and to see evidence that their labors have borne fruit is key for increasing job satisfaction and retention rates among security analysts and incident responders.

To do so, organizations must:

• Use automation to replace the most common and repetitive manual workflows
• Increase contextual awareness to improve speed and accuracy of event triage and incident response
• Improve processes and document effectiveness so that analysts can better understand where they’re making an impact

Joint Cyber Defense Collaborative

Easterly also announced the formation of the Joint Cyber Defense Collaborative (JCDC), a new CISA initiative designed to improve U.S. cyber defense capabilities and planning through a strategic partnership between the government and the private sector. Some key themes to solve this cybersecurity puzzle include; urgent threats and those on the horizon, transparency and information sharing, partners and collaboration, and ensuring the workforce of today and tomorrow is equipped with the right skills and knowledge to protect against future threats.

The key capabilities of the new JCDC are:

• Comprehensive whole-of-nation planning to address risk both during steady-state operations and during an incident
• Common situational awareness and analysis to equip public and private partners to take risk-informed coordinated action
• Integrated cyber defense capabilities to protect the nation’s critical infrastructure.
• Ensure plans for cyber defense operations are adaptive to defend against adversary activity conducted in response to U.S. offensive cyber operations
• Flexibility in planning and collaboration to meet the cyber defense needs of the public and private sectors
• Institutionalized exercises and assessments to continuously measure the effectiveness of cyber defense planning and capabilities
• Work closely with the Sector Risk Management Agencies (SRMAs) to bring their unique subject matter expertise to tailored plans to address sector risk