Cybersecurity Starts in High School with Tomorrow’s Hires

Five dozen teenagers hunched over computers in a hotel conference room near Washington, decrypting codes, cleaning malware and fending off network intrusions to score points in the finals of a national cybersecurity contest.

Just hours later, the high-school students got a glimpse of the labor market’s appetite for their skills as sponsors such as network equipment maker Cisco Systems Inc. described career opportunities. Internships start as young as 16 at Northrop Grumman Corp., which reserves 20 spots for participants in the Air Force Association’s contest.
“We’re the largest provider of cybersecurity solutions to the federal government, so we know that we’ve got to help build that talent pipeline,” said Diane Miller, Northrop’s program director for the CyberPatriot contest, on the sidelines of the March event. “We just have a shortage of people applying” for the 700 positions currently open.
Security breaches experienced by institutions ranging from Facebook Inc. to the Federal Reserve are spurring spending on cybersecurity. President Barack Obama describes the threat as one of the nation’s most serious perils, while the Department of Defense has said the Chinese military has targeted government computers. With few specialists trained to respond to evolving attacks and most universities still adjusting to requirements, demand is overwhelming supply.
“I cannot hire enough cybersecurity professionals, I can’t find them, they’re not qualified,” said Ryan Walters, who founded mobile data security company TerraWi Inc. in 2009. The company, based in McLean, Virginia, employs 12 people and plans to expand to 20.

CyberPatriot Contest

Walters, who says he has 22 years of experience in the field, helped prepare 48 students from Marshall Academy in Falls Church, Virginia, who competed in the CyberPatriot contest this year. Twelve made it to the finals. He says he’s gotten calls from companies and government agencies to interview his protégés.
“I love the activity, it’s like a passion,” said Ramon Martinez-Diaz, a 16-year-old sophomore coached by Walters. “But it’s also great that there are so many job openings.”
Listings for cybersecurity positions rose 73 percent in the five years through 2012, 3.5 times faster than postings for computer jobs as a whole, according to Boston-based Burning Glass, a labor market analytics firm that collects data from more than 22,000 online jobs sites.

Offers Reposted

“You have to scratch your head and ask whether the supply could possibly keep up with that,” Burning Glass Chief Executive Officer Matt Sigelman said in a phone interview. Data show “employers literally just posting and reposting” their offers, he said.
There were 64,383 jobs related to cybersecurity listed for the twelve months through April, about 3 percent of all information technology positions, according to the company.
Rob Waaser found his skills in high demand. Just more than a month after graduating in December from Carnegie Mellon University in Pittsburgh with a master’s degree in information security technology and management, he started working at defense contractor Raytheon Co. Waaser chose to pursue a master’s because he said the industry is technical enough to justify the extra training.
“Cybersecurity is a good field these days to get into -- there are a lot of people out there looking for talent,” said the 24-year-old, who got offers from all six of the potential employers he interviewed with. “I really didn’t have a problem finding job openings.”

Preparing Specialists

To prepare the next generation of specialists, the federal government’s National Security Agency is working to strengthen college-level education through its National Centers of Academic Excellence in Cyber Operations program, which gives a designation to universities that meet curriculum and other criteria.
Companies and government agencies are finding many candidates exiting college programs inadequately prepared for high-skill jobs crucial to cybersecurity, said Frank Reeder, co-founder of the Center for Internet Security in East Greenbush, New York, and former senior official at the U.S. Office of Management and Budget responsible for information policy.
“In the cybersecurity world, it’s still a little bit of the Wild West,” he said. For today’s gap, part of the solution is to train existing workers, he said.
Alan Paller, whose Bethesda, Maryland-based company SANS Institute provides such instruction, said many job candidates lack the hundreds of hours of lab experience needed to develop the highly-specific skills required.

‘Fighter Pilots’

“We have a huge number of frequent flyers and a tiny number of fighter pilots,” Paller said. “In the next war, people will be the tanks and the planes. We’ve got to be ready.”
The threat of cyber attacks has for the first time become a greater concern than terrorism, James Clapper, the top U.S. intelligence official, told the House Intelligence Committee during an April hearing. A spate of recent disclosures by corporations about security breaches include social network Facebook, which said it was targeted in a “sophisticated attack” by hackers in January who installed malware on laptops used by company employees.
The Fed said in February that intruders breached a website used to stay in touch with banks during emergencies, though no critical operations were affected.
Companies and governments are boosting spending on cybersecurity. Obama’s 2014 budget recommends more than $13 billion for computer network security, about $1 billion more than current levels, including a 21 percent increase at the Pentagon.