In a recent talk at TechCrunch Disrupt SF, assistant director for cybersecurity with Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) Jeanette Manfra identified what she sees as a key "national security threat:" the lack of cybersecurity professionals available to protect U.S. critical infrastructure.
While Manfra stated that her agency has made training new cybersecurity technicians a high priority, she didn't sugarcoat the risk currently facing both governmental agencies and the private sector: "It's a national security risk that we don't have the talent regardless of whether it's in the government of the private sector. We have a massive shortage that is expected that will grow larger."
According to Manfra, Homeland Security's current strategy to remedy this shortage starts early. The agency is already working on developing a curriculum that can prepare potential developers from the early years of the school system. "We spend a lot of time investing in K-12 curriculum," says Manfra.
Manfra says that understanding how best to approach workforce training is also a key concern. She reports that her agency is looking at the private sector tech industry as a model for how to both recruit and retain cybersecurity professionals.
In addition to looking to the private sector for guidance, Manfra also believes that close collaboration could be critical to overcoming this security threat. For example, she imagines a program where the government will provide scholarships to cybersecurity technicians for spending three to five years working for government agencies prior to transitioning to the private security. She thinks that doing so can "build a community of people with shared experience [and] in security we're all trying to do the same things."
Lastly, Manfra notes, the general public also has a role to play in mitigating this national security threat. As she points out, foreign enemies aren't just targeting the country's actual technological infrastructure; they also want to erode general faith in American institutions, as seen in Russia's election interference in 2016. Says Manfra, "it's also about building a more resilient and aware public…and adversaries have learned how they can manipulate the trust in these institutions."
