” THE DENVER POST”
“Today there are more than 120,000 unfilled cybersecurity positions.
A figure greater than the number currently employed.
Months have passed since the FBI took aim at encryption in the case of the San Bernardino shooter’s iPhone. Once the dust settled, our country began to take a different look at the dangers of unprotected data.
A series of incidents has revealed alarming vulnerabilities in our digital defenses. In the worst of these, we’ve seen a foreign power seek to influence our presidential election through the breach of voter registration databases in Illinois and Arizona, and the theft of sensitive information from national party headquarters. These pose a grave threat to our democracy.
Forty-four years ago, our country suffered through turmoil after a similar break-in at the Democratic National Committee’ headquarters at the Watergate complex in Washington, D.C. Now we face the humiliation of revisiting the same crime, but this time perpetrated online by foreign state actors seeking to undermine public confidence in our elections.
We clearly need to bolster our defenses to maintain the integrity of the electoral process. Companies across the nation must also protect themselves from attackers that exploit security weaknesses. These challenges can only be met by first addressing the critical shortage of cybersecurity experts.
Watching the FBI stumble through the encryption debate opened our eyes to the severity of this shortage. Most of the agency’s struggles could have been avoided with personnel trained in the right forensics procedures. Focusing instead on requiring companies to compromise encryption security indicated that a different type of expertise was needed.
The FBI isn’t alone. Breaches at hospitals, retailers and in our own government have shown the dangers of ignoring this threat. Accordingly, the demand for cybersecurity professionals has skyrocketed, particularly since people with these skills are in very short supply.
High salaries are offered to lure these experts. The national average exceeds $93,000, according to the Bureau of Labor Statistics, and in Denver that figure is $98,590. Unfortunately, generous compensation hasn’t come close to attracting the number of applicants needed.
The problem is that our schools aren’t providing necessary education. Only one in eight high schools teach AP computer science. Few universities offer cybersecurity coursework and many graduates face difficulty transitioning into this workforce.
Some companies scramble to plug staffing holes with offshore contractors. That won’t work for critical infrastructure jobs requiring security clearance for which only American citizens qualify.
Our government’s battle against encryption technology was a distraction from more pressing challenges. Instead of fighting U.S. companies in the courtroom, we should be developing talent in the classroom to fight cyber attacks from abroad.
Colorado has taken the lead in this area. Our state has established the National Cybersecurity Center in Colorado Springs, and the Denver area has emerged as a hub for cybersecurity companies. Specialized training facilities have been a key factor in this growth.
The steps we are taking locally offer promise for the future, but the global stakes are immense. Russia-based attackers have already shut down Estonia’s banking system and Ukraine’s electrical grid.
While these events were temporary disruptions, they may have been the proving ground for much larger attacks. Future wars will be waged first in cyberspace where key infrastructure is disabled to aid kinetic, on-the-ground assaults.
The recent cyberattacks against our country demonstrate the grave danger posed by hostile foreign powers. Our country has the ability to combat these threats, but we must allocate resources where urgently needed. Prioritizing skills education — from grade school to job retraining — is essential to build the cybersecurity defenses we need. Only through investment in these capabilities can we be prepared to meet the challenges before us.”