Nobody takes comfort in fact that corporations are facing an incredible information security talent shortage. After all, many of these companies maintain sensitive customer information, so a corporate data breach can impact millions of people.
But the idea that CIOs of state governments are finding it extremely difficult to identify and onboard talent is even more disconcerting, as these governments house all manner of sensitive information. Unfortunately, that is exactly what is happening. In fact, a survey conducted by the National Association of State Chief Information Officers (NASCIO) earlier this year found that 67.3 percent of governments listed security among the most difficult skills to find in potential employees, a higher percentage than any other area of IT.
No “magic bullet” exists for solving this talent problem. The NASCIO report discusses some innovative ideas that some state CIOs are experimenting with, including:
- Creating more robust intern programs to develop talent from within
- Hiring IT-focused recruiters to aggressively pursue top talent
- Offering tuition reimbursement for university and IT academy graduates who work in the public sector
- Providing fast-track career advancement possibilities for innovative IT workers
These are all clever ideas that will undoubtedly help governments attract some talent that may have otherwise opted for a career in the private sector. The reality is, however, that some of these efforts are unlikely to pay dividends for at least several years. Additionally, hiring the best and brightest cyber security talent will always be difficult for state governments as long as they are competing with technology corporations like Facebook and Google that can offer significantly greater compensation.
With that in mind, state governments will have to find ways to make better use of the talent and resources they have currently. Leveraging automated cyber incident response, for example, enables organizations to automatically resolve a large portion of the thousands of alerts they receive each day. By automatically resolving alerts state governments free their expert staffers up to manually respond to more complex attacks and create innovative new processes.
Want to learn more about automated cyber incident response? Check out my recent article in Network World.