The cyber skills gap affects every part of a federal agency’s cyber posture. From configuring network firewalls to staffing security operations centers and analyzing thousands of potential threats per day, the need for talented workers to secure federal data is immense.
The impact of the shortage of qualified cybersecurity professionals has been felt by organizations across the country. In fact, a recent Fortinet survey found that 73% of organizations had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills.
A 2019 (ISC)2 study estimated that the global shortfall of skilled workers surpassed four million workers even before the pandemic-driven pivot to remote telework further increased the need for IT and security staff. There simply are not enough cybersecurity professionals to fill critical roles.
So how do agencies address the cyber skills gap? The process is two-fold. First, automate routine cyber tasks so the analysts agencies already employ can focus on the more significant threats — which are typically those that require skill and creativity to neutralize.
Second, develop a more diverse pool of cyber talent, drawing from places outside college and universities. This includes reaching out to veterans, who already understand the missions of the federal government and who have a proven track record of operating under pressure in support of our national security.
AI, ML and threat analysis
Many agencies today operate in reactive mode. They position broad security tools to counter the most likely attack vectors and techniques, but attackers are dynamic and frequently change their tactics — often succeeding in penetrating a target only after a process of trial and error. Most attacks are not invisible and undetectable — the attackers are able to rely on the fact that network defenders cannot be watching everywhere at all times, that even if they detect a potential attack it is difficult to determine a genuine threat from a benign anomaly, and that even if a malicious activity can be detected in progress it can be difficult to ascertain how to respond in real time. As a result, far too often agencies are left with cleaning up the mess after an intruder has successfully breached their network.
Artificial intelligence and machine learning don’t assume a reactive posture and are well suited to helping agencies deal with data overload. In fact, security technologies with AI and ML use the volume of data on agency network activity to be able to characterize normal activity, to spot abnormal behavior, to gauge which abnormal activity is malicious and to respond to it in real time. ML also supports tasks like behavioral analytics to counter insider threats or external ones leveraging stolen credentials, and to detect unknown or zero-day threats based on their intent or pattern of activity.
In sum, agencies need AI-based security analysis and response to help deal with data and solution overload and to help fend off the speed and sophistication of threats. As those AI-based securities play an increasingly critical role, current cybersecurity workers will need to be trained on the new technology and prospective cyber pros should make sure it’s part of their training and tool kit.
Training a new breed of cyber talent
Veterans represent a largely untapped segment for our next generation of cyber defenders for federal networks. There is a natural synergy between the mission of national security they performed in the U.S. military and protecting critical information for government agencies.
Veterans often bring leadership and teamwork skills developed during their military service that directly translate to the challenges of defending federal networks. And the ability to learn, to adapt and problem solve quickly, and attention to detail are all qualities present in our veteran population. There are also practical reasons for training veterans, including their ability to obtain and maintain security clearances.
Put simply, veterans readily understand the need to thwart malicious cyber actors and are used to making quick decisions in dynamic environments under intense pressure. By pursuing a career in cybersecurity, veterans can find ready employment and can continue to support a mission that protects citizens, critical information and national security.
While the number of cybersecurity positions steadily outpaces the number of cyber professionals, the U.S. has some of the best and brightest talent on hand, transitioning from the ranks of the armed forces but still ready to serve their country. Except this time, they’re trading in a weapon for a laptop. The federal government simply can’t afford to pass up that kind of talent.
Combined, these strategies of AI and leveraging the talent represented by our veterans will serve as a bridge between what needs to be done now and what needs to be done to ensure the security of the networks of the future. Humans can’t do it alone, but it will take a talented and motivated team to harness the full value of AI in cybersecurity. These two initiatives will go a long way towards filling the workforce and skills gaps and keep federal networks and America’s information safe.
Jim Richberg is public sector field chief information security officer at Fortinet. He formerly served as the national intelligence manager for cyber in the Office of the Director of National Intelligence, where he set national cyber intelligence priorities.