SAN FRANCISCO -- To keep on top of information security, America needs to recruit and train young people for cybersecurity careers, a top White House official told the RSA security conference here on Tuesday (Feb. 15).
The recommendation came from White House Cybersecurity Coordinator Howard Schmidt, who said schools aren’t properly preparing students with the skills necessary for security careers.
But, he said, the White House is taking action to make sure potential cybersecurity personnel are being groomed for careers and that security education is improved.
The National Initiative for Cybersecurity Education (NICE) is one result of this effort. According to the NICE website, its goal is to establish an operational and sustainable cybersecurity education program, and for the nation to use sound cyber practices that will enhance the nation’s security.
The United States has also become the latest of several countries to host a nationwide cybersecurity challenge, which tests young people in a variety of skills relating to security, IT, networking and operating systems.
James Lyne, senior technologist with the British computer security firm Sophos, agreed with Schmidt that young people don’t appear to be attracted to security careers.
“It seems like there is a diminishing number of young people who want to go into the field at a time when we have the greatest need for their service,” said Lyne, who said he first became interested in cybersecurity as a teenager.
But Lyne disagreed with Schmidt over where the emphasis should be in cultivating the future cybersecurity force.
Schmidt stressed the need for stronger science, technology, engineering and math (STEM) curricula in schools and for teachers, parents and leaders to get kids excited about STEM careers at a young age.
Lyne, however, thinks future cybersecurity employees will come from diverse educational backgrounds.
Working in cybersecurity, Lyne said, involves understanding the thought processes of the bad guys — not only how they hack, but why they want to break into a particular network.
And therein lies the beauty of initiatives such as the cybersecurity challenge, Lyne said — they encourage people who may not have an information-technology background to find out if they have the skills and aptitude for the field.
Both men said private businesses also need to step up to the plate to help develop cybersecurity professionals.
Lyne said employers need to be more willing to train employees who show potential but don’t have a strong technology background.
Schmidt said the next generation of entrepreneurs must think about how security and privacy issues fit into their business models and what skills their employees will need.
Whether it’s achieved through fun competitions or by encouraging young people that being a geek is cool, Schmidt and Lyne agreed that for the best security competitiveness, the ultimate goal is to get the right people into cybersecurity jobs.