Cyber worker shortage hurting operations

Shutterstock image: businessman holding workforce icons in his hands.

Although the U.S. is in the top tier for educating new cybersecurity workers, the small talent pool is still a significant challenge for industry and government, according to a new survey.

Intel Security, in partnership with the Center for Strategic and International Studies (CSIS), polled 775 IT cybersecurity decision-makers in the U.S., U.K., France, Germany, Australia, Japan, Mexico and Israel. The resulting report, "Hacking the Skills Shortage: A Study of the International Shortage in Cyber Skills," states that 82 percent of the executives said they do not have enough cybersecurity workers, and 71 percent said the shortage is doing direct and measurable damage to their operations.

That shortage is particularly troublesome for the Department of Homeland Security, which is charged with helping protect critical infrastructure and civilian agency networks, said Phyllis Schneck, deputy undersecretary for cybersecurity and communications at DHS' National Protection and Programs Directorate (NPPD).

"Cyber adversaries have no lawyers, no rules [and] plenty of money," she said at the event CSIS held on July 27 to release the study. "All they have to do is execute. We have to protect a way of life."

And that vulnerability could increase as federal agencies move toward managed services, said James Lewis, a senior vice president and director of CSIS' Strategic Technologies Program. He told FCW that the agencies using managed services must be aware their provider's security capabilities.

One piece of good news: The study shows that the U.S excels at cybersecurity education. The country has six top universities with cybersecurity programs, the second highest rate of government expenditure on education among the eight countries and strong performances in computer hacking competitions.

Nevertheless, 53 percent of respondents said the cybersecurity skills shortage is worse than talent deficits in other IT professions. They also said the fierce competition for the limited number of cybersecurity workers is ongoing. High-value skills, in particular, are in short supply in some of the most crucial cybersecurity areas, including intrusion detection, secure software development and attack mitigation.

Schneck said DHS has been aggressively targeting cybersecurity professionals and going beyond the traditional government hiring practices. She added that DHS was conducting a cybersecurity job fair at a hotel in Washington a few miles from the CSIS event, and the department has a new capability to offer jobs on-the-spot to particularly attractive candidates.

Furthermore, the department's plan to reorganize NPPD into a new entity that cuts across the National Cybersecurity and Communications Integration Center, the Office of Infrastructure Protection and the Federal Protective Service would have physical security and cybersecurity experts working side by side. She said that approach could attract cybersecurity professionals who want to help protect critical parts of the U.S. infrastructure.

Schneck also reiterated her support for a new career path for cybersecurity employees that would allow them to move more freely between the federal government and the private sector, thereby enhancing their skills and the security of both sectors.

About the Author

Mark Rockwell is a senior staff writer at FCW, whose beat focuses on acquisition, the Department of Homeland Security and the Department of Energy.

Before joining FCW, Rockwell was Washington correspondent for Government Security News, where he covered all aspects of homeland security from IT to detection dogs and border security. Over the last 25 years in Washington as a reporter, editor and correspondent, he has covered an increasingly wide array of high-tech issues for publications like Communications Week, Internet Week, Fiber Optics News, magazine and Wireless Week.

Rockwell received a Jesse H. Neal Award for his work covering telecommunications issues, and is a graduate of James Madison University.

Click here for previous articles by Rockwell. Contact him at or follow him on Twitter at @MRockwell4.


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.