SAN FRANCISCO — After years of massive hacker attacks on industry and government, the realization that the bad guys are winning has led to a surge in cybersecurity jobs that has outpaced the supply of people to fill them.
This week at the RSA 2016 security conference, the issue bubbled up in keynotes and seminars with discussions of how to get young people interested in tech careers to consider the field.
“The volume of threats has changed dramatically,” said Christopher Young, vice president of Intel’s Security Group. Years before Intel acquired it, McAfee Labs saw 25 threats a day, he said. “Today, we see about 500,000 threats a day.”
But the professionals to counter those threats are small in number, he said in an interview.
“We just have to get after this problem,” he said. “Students will tell you that even if you’re a technical major in college, cybersecurity isn’t a core part of the curriculum.” Young called on the industry to reach out to colleges, universities and even high schools to raise awareness and launch educational programs.
A Stanford University study estimates there are 200,000 unfilled cybersecurity jobs this year. Cisco Systems says some estimates point to more than 1 million unfilled security jobs worldwide.
The Boston-based consulting firm Burning Glass reported last year that the demand for cybersecurity jobs is twice that of all information technology jobs, with cybersecurity commanding a 9 percent salary premium over other IT categories. The jobs require years of training and experience, making them hard to fill.
Indiana is tackling the problem with a new Security Operations Center where Purdue University students work next to state government security personnel to identify threats to state networks. It’s hoped that the center, announced in October, will encourage students to consider careers in cybersecurity.
At the end of his keynote talk, Young introduced Morgan Mayernik, a Purdue freshman majoring in materials science engineering and minoring in biometrics, who said students are often unaware of opportunities in cybersecurity.
“We’re interested,” Mayernik told the audience. “This is a problem that’s dear to our hearts. We live in a technical world, but students aren’t being told this is an option for them. And they need to be told this and they need to be given these problems, because given the opportunities, we will take them. We want to delve into these issues.”
Beyond recruiting, the industry needs to automate to help cope with the labor gap, according Justin Somaini, chief security officer of SAP, the German software giant.
“We need to have really skilled individuals; you’ll never get around that,” Somaini said. “My stance is I might never find enough really good security people in the job market because it’s challenging. We need to take a multifaceted approach to deal with the labor gap, focusing attention on how we innovate,” he said.
“There is a natural evolution we’re seeing into advanced machine learning. Artificial intelligence is one of these research areas we need to focus on,” Somaini said. “Not true AI, but learning algorithms and how they can identify attacks.”
The White House is tackling the issue with a proposed initiative to “develop a technologically-skilled and cyber-savvy workforce,” according to the budget message.
Contact Pete Carey at 408-920-5419. Follow him at Twitter.com/petecarey.
