There is a widening gap of talent in the cybersecurity industry due not only to growing cybercrime, but also to our ever increasing dependency on technology in terms of where and how we are social, purchase products, and ever more frequently entertain ourselves. Presently, there are not enough people to fill the need of programmers to create a more secure internet. And the deficit is growing. There are 100,000 people currently working as information security analysts, with a projected 18% to 28% increase in individuals to enter the workforce over the next 10 years. The number of data breaches in the last year alone? 172,381,976.
One part of the problem may be security companies who are more inclined to recruit people with traditional technology credentials (i.e. Computer Programing and Security) and who fail to source potential talent in non-traditional backgrounds such as media or law enforcement, but who are willing to be cross-trained in computer sciences. Or programmers in other industries who are already practiced at thinking creatively that can be uptrained in cybersecurity.
The most effective solution for meeting future demand for personnel who are tech savvy and interested in an active role in cybersecurity is creating education at the grade-school level today. Rather than waiting for people to specialize later in their education, programs that teach kids how to code and think critically years before higher education may prove critical in cultivating more people that could be interested in the security field.
Another factor in the present disparity is the growth of hackers either joining cells that have the intent to steal information or hold it hostage, or who are creating systems that run such operations. These rogue programmers can innovate at a rate larger companies cannot and can maneuver around what is thrown at them because of lean and agile development environments. Many hackers have no credentials, but acquire skills, learn a new device, or learn software on the go. Many acquire know how from cyber-crime schools that can be subscribed to online.
What is the best option for now? Criminals are not going to sit around and wait for the companies and people they’re targeting to become prepared. The best option for now is our current programmers and security specialists to create secure layered parameters – with as many roadblocks as possible for would-be hackers to get through. A good example would be end-to-end encryption on smaller bits of data within a program; concepts like blockchain, where a core program spreads out aspects of information across a number of secure servers and has them communicate through multiple layers of security. Data stored and transmitted in a blockchain fashion becomes less interesting to a would be hacker than larger databases with centralized files that once cracked, data can be easily be abscombed.