U.S security vulnerable due to shortage of "Cyberwarriors"

stangman

Just read this and thought I would pass it along.

According to the NPR, the U.S. may be the most vulnerable country in the world for a large-scale cyberattack, and that there are only "1,000 people in the entire United States" with the skills neccessary for complex cyberdefense tasks.
In a report, shortly to be released from the Center for Strategic and International Studies (CSIS), it is found that there is a "desperate shortage" of trained people who are able to "design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts."
Cyberwarriors are highly trained inidividuals who are able to detect methods that could be used to penetrate government or large coporation networks, and have the neccessary skills to develop countermeasures to stop hackers. The lack of cyberwarriors, this seems to be in contrast with the Chinese situation, where the NPR say that "training of computer experts is a national priority" and that the Chinese government "appears to be systematically building a cyberwarrior force."
Alan Paller of the SANS institute (SysAdmin, Audit, Network, Security) said that a chinese youth who won a competition that singles out kids that are caught hacking was found hacking into the Pentagon, and as a result, they trained him and got him working "very, very fast."
As a result of this, the U.S government is planning to begin their own, similar program and are promoting a "U.S. Cyber Challenge" which is a "national talent search at the high school level." Apparently, the aim is to find as many as 10,000 young cyberwarriors. Senator Thomas Carper sees the challenge as an opportunity to utilise the talent saying that "not only for them to hone their skills on being able to hack into other systems, particularly those of folks we may not be fond of, but also to use what they learn to strengthen our defenses."

kriscamaro68

stangman wrote: »

Just read this and thought I would pass it along.

According to the NPR, the U.S. may be the most vulnerable country in the world for a large-scale cyberattack, and that there are only "1,000 people in the entire United States" with the skills neccessary for complex cyberdefense tasks.
In a report, shortly to be released from the Center for Strategic and International Studies (CSIS), it is found that there is a "desperate shortage" of trained people who are able to "design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts."
Cyberwarriors are highly trained inidividuals who are able to detect methods that could be used to penetrate government or large coporation networks, and have the neccessary skills to develop countermeasures to stop hackers. The lack of cyberwarriors, this seems to be in contrast with the Chinese situation, where the NPR say that "training of computer experts is a national priority" and that the Chinese government "appears to be systematically building a cyberwarrior force."
Alan Paller of the SANS institute (SysAdmin, Audit, Network, Security) said that a chinese youth who won a competition that singles out kids that are caught hacking was found hacking into the Pentagon, and as a result, they trained him and got him working "very, very fast."
As a result of this, the U.S government is planning to begin their own, similar program and are promoting a "U.S. Cyber Challenge" which is a "national talent search at the high school level." Apparently, the aim is to find as many as 10,000 young cyberwarriors. Senator Thomas Carper sees the challenge as an opportunity to utilise the talent saying that "not only for them to hone their skills on being able to hack into other systems, particularly those of folks we may not be fond of, but also to use what they learn to strengthen our defenses."

Interesting and yet scary. I would not want the youth of today to be at the forefront of our nations cyber security. Not saying that all of the young people today are bad just that almost every one I meet is brain dead or a whiny little a-hole that thinks he should be spoon fed.

Devilsbane

kriscamaro68 wrote: »

Interesting and yet scary. I would not want the youth of today to be at the forefront of our nations cyber security. Not saying that all of the young people today are bad just that almost every one I meet is brain dead or a whiny little a-hole that thinks he should be spoon fed.

Like it or not, we're your retirement plan

Bl8ckr0uter

I would be game but Im out of HS. Honestly there are probably enough out of work IT oriented people that could be trained up to be cyber warriors. That and green technologies could change the US for the better. But I guess that would make too much sense.

kriscamaro68

Devilsbane wrote: »

Like it or not, we're your retirement plan

Well I am not that old, I am 26. Things went down hill even while I was in school and have only gotten worse. But thats another story for another day.

JDMurray

Note this part:

it is found that there is a "desperate shortage" of trained people who are able to "design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts."

Based on this statement, we're not short on people to operate cyber defenses and shoot "cyber guns," but instead we need the people who can conceptualize, design, and build these tools in the first place. That takes people with scientific, engineering, and mathematics backgrounds. The typical IT person doesn't fall into these categories with their job functions.

Those people that choose computer science and engineering as their career path are the ones that will be saving us from cyber conquest in the future.

Hyper-Me

Agree with JDMurray.

Also, it seems that a large amount of people that get into security for the government have very little in the way of real-world knowledge but have degrees/know someone/etc that mean little the metal meets the meat.

SephStorm

JD and minus make good points,

Your traditional IT guy is much more interested in DOING rather than planning, or creating new technologies. That is not to say that there are not hackers among us. (non compsec definition implied)

On the other hand I believe that the young guys may be those saviors. I just think we need to motivate them and give them those opportunities sooner, because our adversaries sure are. We dont have 20 years to wait for the young kid interested in computers to graduate high school, go to college, work at the help desk, transition to security. We need real training, and we need to trust those people we give that training, and put them into the field.

networker050184

kriscamaro68 wrote: »

Interesting and yet scary. I would not want the youth of today to be at the forefront of our nations cyber security. Not saying that all of the young people today are bad just that almost every one I meet is brain dead or a whiny little a-hole that thinks he should be spoon fed.

And you think your parents (and your parents parents) didn't say the same thing?

tpatt100

Like what was said already. There are plenty of techies but not enough people who can plan and design. I am doing a C&A project at work right now. I am used to being the tech but now I do more writing and interpreting than anything.

bellhead

If you want to be a cyber warrior then joining the military is the way to go. The two services at the front are the Air Force and Navy..The Navy is CTN and the air force is 1N4X1.

Kaminsky

There is also a shortage due to criminal organisations going after these types of people as well. A friend's son was studying computer forensics and their lecturer told them he expected at least 20%-30% of that year's intake to be targetted with gifts and favours from criminal elements at some point during their studies.

Surely an imaginitive hacker with government support would be the best type of person to protect you from malicious imaginitive hackers. IT support people generally don't have the time to delve too deeply across the spectrum of IT technologies but tend to have a broad depth of knowledge of IT with a few specific interest areas. Hackers typically are very knowledgable on a few specific techonologies and have very little depth on anything else.

Imagination though, is not something you can teach. There will always be some snotty little 14 year old that finds a way in.