It has been reported that President Trump issued an executive order on Thursday that introduces new initiatives and expands existing national efforts aimed to “grow and strengthen” America’s cyber workforce. In response to the news, IT security experts commented below.
Laurie Mercer, Security Engineer at HackerOne:
“Any company that has tried to hire cybersecurity talent in the past 12 months will know that there is an acute shortage of security skills. It’s good news for those with the skills that the US government is willing to go above and beyond in terms of offering competitive compensation for those with the skills.
However, it’s this supply and demand issue that’s the reason why many forward-thinking organisations are turning to the hacking community to help boost their security defences. These organisations have come to realise that to help discover flaws in online systems they need as many eyes looking as possible. Rather than having one or two people looking for vulnerabilities once or twice a year, these security teams are able to leverage tens to thousands of people with diverse skill sets to continuously perform security assessments throughout the year.
Many federal departments are actually already doing this effectively with Bug Bounty programmes and competitions to incentivise intelligent and passionate hackers to help them find any holes in their systems. Supporting this burgeoning community by offering them the chance to hone their security skills in this competitive manner also supports the growing pipeline of talent for the future as the young hackers of today become the CISOs of tomorrow.”
James Hadley, CEO at Immersive Labs:
“Trump has actually made quite a significant step towards boosting the US government’s cybersecurity workforce and, more importantly, the capabilities of its existing staff. The focus on reskilling professionals and attracting fresh talent to fill the reported 300,000 person-wide gap is definitely along the right lines. But in reality, it’s the effort and resources being put towards upskilling current IT and cyber employees within federal government – and ensuring that they are well-equipped and kept constantly up-to-date on how to handle the latest threats – that will make the biggest impact over the longer term.”