White House’s new fix for cyber job gaps: Serve the nation in infosec
- Reference: 1725573845
- News link: https://www.theregister.co.uk/2024/09/05/white_house_cyber_jobs/
- Source link:
The Office of the National Cyber Director announced its [1]Service for America campaign yesterday, a two-month "sprint" that aims to connect Americans looking for decent careers with work in the cybersecurity industry.
"Throughout our history, generation after generation of Americans have stepped up to meet the challenges of their day," National Cyber Director Harry Coker Jr wrote in a blog [2]post announcing the campaign. "Today, we face a new challenge and with it a new opportunity to serve: defending cyberspace."
[3]
The Administration is planning to hold several career events between now and the end of October, along with seminars for job seekers on how to navigate the federal government job application process along with a week of workshops from NIST on exploring cybersecurity careers.
[4]
[5]
The ONCD is working with the Office of Management and Budget and the Office of Personnel Management on Service for America, and many of the events taking place as part of the program are geared toward filling open government positions. But not all, as Coker mentioned, the critical need to fill cybersecurity jobs in the private sector as well.
"Cyber is everywhere, and so are cyber jobs," Coker said in a [6]video unveiling the campaign.
[7]
"Our Nation has a critical need for cyber talent. Today, there are approximately 500,000 open cyber jobs in the United States and that number is only going to grow as more services and products go online with the expansion of technologies like artificial intelligence," Coker added in his blog post.
[8]White House thinks it's time to fix the insecure glue of the internet: Yup, BGP
[9]Security boom is over, with over a third of CISOs reporting flat or falling budgets
[10]We're just shouting into the void, says US watchdog offering cybersecurity advice
[11]Wait, security courses aren't a requirement to graduate with a computer science degree?
It's not like infosec professionals are a dime a dozen, though: There are far too few of them, and the ones that are out there are [12]already burned out . That, in turn, means a lot of people need to be trained to fill the nation's cyber ranks. With a field as critical as security, it's time to open the doors to all comers, says Coker.
"There is a perception that you need a computer science degree and a deeply technical background to get a job in cyber," he wrote. "The truth is, cyber jobs are available to anyone who wants to pursue them."
The NCD pointed to efforts outlined in last year's National Cyber Workforce and Education [13]Strategy [PDF] as ways the Biden Administration is seeking to expand the infosec workforce. Those methods include removing degree requirements from cybersecurity jobs in favor of a skills-based approach, more apprenticeships, and support for local training initiatives.
It's not clear whether the White House intends to continue the campaign's work in any way after Service for America concludes at the end of next month, or if any future pushes are planned to fill the nearly half a million vacant cybersecurity jobs. We've reached out to the White House with questions, but haven't heard back. ®
Get our [14]Tech Resources
[1] https://www.whitehouse.gov/oncd/preparing-our-country-for-a-cyber-future/service-for-america/
[2] https://www.whitehouse.gov/oncd/briefing-room/2024/09/04/service-for-america-cyber-is-serving-your-country/
[3] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Ztp-aHDzv1Av2o599E1BawAAAAI&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[4] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Ztp-aHDzv1Av2o599E1BawAAAAI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[5] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Ztp-aHDzv1Av2o599E1BawAAAAI&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0
[6] https://www.youtube.com/watch?v=8llpWN9zlpw
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/front&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Ztp-aHDzv1Av2o599E1BawAAAAI&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://www.theregister.com/2024/09/03/white_house_bgp_security/
[9] https://www.theregister.com/2024/09/05/security_spending_boom_slowing/
[10] https://www.theregister.com/2023/01/24/gao_cybersecurity_recommendations/
[11] https://www.theregister.com/2024/01/26/security_courses_requirements/
[12] https://www.theregister.com/2023/11/02/infosec_pros_burnout/
[13] https://www.whitehouse.gov/wp-content/uploads/2023/07/NCWES-2023.07.31.pdf
[14] https://whitepapers.theregister.com/
Re: The government desperately needs cyber security experts
only if you have some Clearance, Clarence... I've looked into these jobs, and I've no idea what security level they want, but it's way over my Clearance, Clarence...
Re: The government desperately needs cyber security experts
You can't be told what clearance you need for the job unless you have that clearance and you can't tell anyone what clearance you have unless the job is cleared for that clearance.
Re: The government desperately needs cyber security experts
Like Fight Club?
Pay mo money
Clearance is a secondary issue. Baseline is money.
Simply because IF you have can get the security clearance you can earn far more elsewhere.
And the big catch with treating it as national service is the recall clauses in that. So again, it stands to cost you a lot more $$$ even if you don't end up as a grunt on the line when recalled to service.
Try some other incentive because this one smells of bullshit ;)
Cyberjanitor
I can't help thinking that the government's new strategy is to continue using the cheapest labor for software but then giving it to a "cyber" team to clean it up. It will be a high stress job where you're digging through mountains of gibberish architecture while the boss keeps asking why it takes so long to fix one little vulnerability. On top of that, process will demand that you fix exactly one bug at a time. No 'rm -rf' and rewrite.
Find me people worth hiring
I spent ten years as a security consultant. One of my jobs was to interview candidates. Time after time, I was sent "senior security analysts", "SOC analysts", "Security Engineers", even "Security Architects" as candidates to interview.
Time after time, I indicated "Do not recommend, needs remedial training."
Not every time, but often enough that it became something of a joke. I had recruiters listen in on my interviews only to realize, if anything, I was understating the problems. I started writing direct quotes from the candidate into my writeup to explain "We can't use this person."
I've provided trainings, mentored individuals, and otherwise encouraged the career of others into the field. It is a constant problem to find people who are up to the level of "know they know nothing".
Telling people to get into the field isn't very useful if we aren't sent people who are worth the cost of the chair they sit in.
The government desperately needs cyber security experts
Must be natural born American, must be white christian (ed. I know but we aren't allowed to actually say that)
No tattoos, piercings or non-suit wearing type behavior
No convictions for possession of the devil's lettuce
Pay is naturally a fraction of industry rates
Hiring will proceed after an indeterminate period of administrative checks, if you ask how much long the process is likely to take you fail the process