Home » Cyber-warfare » A Shortage of Cyber Warriors

A Shortage of Cyber Warriors

By Kevin Coleman
Defense Tech Cyber War Analyst

Private contractors have proven vital in the current wars, providing services that range from security and fighting in battles to training and supply chain management. Recently there has been a lot of attention being given to the number of contractors used within both theaters of operations – Afghanistan and Iraq.

Well, if they think the ratio for conventional military operations is too high, wait till they see what it is in the cyber domain! While I can find no real numbers, actual experience suggests that the private sector is where the hard-core cyber talent is. After all, the private sector was responsible for creating the vast majority of hardware and software used by the military, intelligence and homeland security organizations.

A recent story on NPR stated that U.S. security officials say there is a severe shortage of people who have the sophisticated skill and knowledge needed to do battle in the cyber warfare domain. In addition, last week a CSIS report said there is a shortage of between 20,000 and 30,000 well trained cyber soldiers needed in the near term to address the offensive, defensive, intelligence and leadership needs in the cyber domain.

Training this number of individuals will take time and then there is the question of experience in the information security field. Nationally enrollment in computer science began to decline in 2000. This trend is not limited to computer science programs. It extends to all technology centric programs and tracks. This trend began a slight turn-around in 2007 and now enrollment has increased 14 percent since then. Even with this increase we fall far short of what we need.

Where are we going to get these people and how can we bridge the gap until we can train them and get them the experience they need to defend our nation in cyber space?

Share |

{ 12 comments… read them below or add one }

Oblat July 28, 2010 at 12:34 pm

Real IT jobs pay well and the rates even increased during the recession but why would anyone want to jeopardize that by get mixed up with the cyberwar crazies. Best way to ensure that you never get hired is to put "Cyberwar" into your resume.

The harsh reality is that even defense contractor experience is seen as a big negative in many companies - the rule of thumb is that if you have 7 year experience with a defense contractor then you are a vegetable, even 3 is a big negative.

Reply

Wombat July 28, 2010 at 11:52 pm

I don't know where you have been working at, but in my experience, being both a defense contractor and having 2 degrees in cyber warfare, have had a big positive effect on my marketability.

Reply

geedeck July 28, 2010 at 2:09 pm

The typical military mindset absolutely slaughters the skills that are need to be a good hacker. You need to have freedom and you need to be able to be creative, to waste time and to not be stepped on by superiors.

I'm sure there's a certain amount of great hackers in the armed forces that manage to survive, but it's likely a fraction of what they need.

Contractors seem the only way to go, but I think it'd be rare to find someone in the armed forces that could properly recognize talent. Not impossible mind you, just rare. I mean, it's not an easy thing in the real world even.

I don't really see an elegant solution.

Reply

Kevin July 28, 2010 at 2:48 pm

But what about all the negative attention being given to the use of contractors in the Iraq and Afgan theaters of operations. Will that controversy impact the decision making of our DHS and Military leaders?

Reply

Will July 28, 2010 at 5:28 pm

Iraq & Afghanistan:
1) No-bid contracts in combination with apparent profiteering. Avoidable if there are at least 2 competitive bidders for each contract + adequate auditing on the gov't side.
2) Armed contractors - mercenaries - that, in practice, have much looser rules of engagement than service members. Not an issue for cyber warfare.
A possible new problem will be both public & private sector people using their government funded cyber abilities for personal gain.

Reply

Jacob July 28, 2010 at 11:44 pm

“The typical military mindset absolutely slaughters the skills that are need to be a good hacker. You need to have freedom and you need to be able to be creative, to waste time and to not be stepped on by superiors.”

Wasn’t this also the case with military aviation back when air forces were first starting to develop? Pilots also needed to show initiative and do things on their own….so the generals just let them cut loose and produce their own innovations.

Reply

Uncle Bill July 28, 2010 at 7:53 pm

Could the WikiLeaks fiasco be considered as an act of cyber warfare?

Reply

Wombat July 28, 2010 at 11:56 pm

Ehhh.. I would say not really. AFAIK there wasn't any malicious use of one nation-state's networks/computers, it was really just some 'regular' leaking that got out to the internet. There is a very blurry line to the definition of cyberwarfare, whether it includes espionage, large scale criminal activites (like mob stuff not terrorism), or even corporation vs corporation activites. But there wasn't really any exploiting of cyber technologies beyond just that it got on the net.

Reply

Stephen Russell July 29, 2010 at 12:54 am

Change hiring regs, change training for non IT types to gain skills IE those with basic PC skills maybe? Its something since people need Jobs & careers & this is a Must Hire.
All ages over HS age to 80 yrs min for this work IF PC skilled.

Reply

rkh July 28, 2010 at 10:27 pm

It’s funny. The one article mentions a 17 year old hacking into the event’s web server. If you go to http://www.cert.org/nav/jobs.html ,though, it looks like they want a BS/MS with 5-10 years of experience, minimum, end-of-story. Now, the folks I know with these skills don’t necessarily have the squeaky-cleanest of pasts, but I can understand the need to weed out bad actors. I’m at a loss as to how to balance these two ideas, but that’s what’s going to need to happen if they want to find these people. Something tells me that the strict educational requirements have something to do with CERT’s connection to CMU, though.

Reply

spg July 28, 2010 at 11:41 pm

Our military has mastered the 4 domains of air, sea, land, and space. We can maneauver through all 4 and dominate any enemy in combat. Our adversaries have the advantage in the 5th domain that crosses the first 4. One state sponsered hacker from afar can wreak havoc. Imagine a Brigade or Division of hackers.
No trucks, tanks, planes, gas, bullets or guns. A laptop and an internet connection. That is the future of 1. Clandestine operations and 2 first strike capability. If we do not recognise this, we cannot master the 5th domain.

Reply

Zach August 2, 2010 at 12:53 pm

One thing the government has is lots of money. When they get serious about this they'll simply dangle $200k jobs and offer to buy any hardware in any amount, no questions asked. I'm sure they'll find plenty of very talented people willing to sign up.

Reply

Leave a Comment

Previous post:

Next post: