Far too many people think of cybersecurity as just a technology issue. In doing so, they impair their comprehension of the cybersecurity landscape. Cybersecurity has always been and always will be a “people problem,” as much as or more than, a “technology problem.”
The resilience of critical infrastructure and security of the nation is not dependent on any one technology, nor are any sectors immune from adversarial compromise. Attacks are repelled by the underappreciated actions of the cyber workforce. The cyber workforce is not a tool or resource deployed across sectors. The workforce is a critical infrastructure, and in its absence, all other sectors would collapse.
Addressing the need for diverse and talented cybersecurity professionals
Throughout 2023, the Biden-Harris Administration has unveiled a number of initiatives to establish a national vision for protecting and expanding the nation’s cybersecurity efforts. Most notably in July, the Administration released the National Cybersecurity Strategy Implementation Plan (NCSIP) and the National Cyber Workforce and Education Strategy (NCWES).
The broad reaching goals of these initiatives largely center around developing a diverse, skilled, and adaptable cyber workforce that can address the problems of the present and adapt to the digital landscape of the future. Goals include:
- Leveraging existing local ecosystems to improve cyber education, normalize best practices, and implicitly and explicitly develop the workforce.
- Equipping all Americans with the industry-specific cyber skills necessary to enter, actively participate in, and continuously develop as part of the cyber workforce.
- Promoting interest in cyber careers and fostering the practical application of learned skills.
- Attracting and hiring a qualified and diverse federal cyber workforce by lowering hiring and onboarding barriers and effectively communicating the benefits of a public service career
- Ensuring that foundational cyber skill learning opportunities are available and made equally accessible to all.
- Guaranteeing cyber educators are available and continually improving.
It’s not just about numbers
Both the NCISP and the NCWES pinpoint a much-needed governmental commitment to expanding the number of cybersecurity professionals in both the public and private sectors. They also acknowledge that safeguarding critical infrastructure is not merely a numbers game. It requires a major focus on creating a diverse cybersecurity workforce.
True cybersecurity resilience can only be achieved when we embrace diversity, equity, and inclusion as fundamental pillars of our protection strategy. Imagine a symphony where every instrument plays the same note – the resulting monotony would be miserable. Similarly, in the realm of critical infrastructure, a lack of diversity can lead to blind spots and vulnerabilities that jeopardize the very foundation of our national security.
Diversity enriches our defense mechanisms by infusing many perspectives, backgrounds, and experiences into our approach. It serves as a water cooler of innovation, yielding creative solutions to preempt and counter emerging threats. Furthermore, equity ensures that resources and opportunities are distributed fairly, so that all segments of society have a stake in safeguarding our vital assets.
Inclusion, the final note in this powerful triad, fosters an environment where every voice is heard, empowering communities to actively participate in fortifying our critical infrastructure. To truly strengthen our society against the complex and evolving challenges of the modern world, we must harness the force of diversity, equity, and inclusion – a symphony of resilience that will resonate for future generations.
The unquestionable importance of recognizing workforce as infrastructure
The US cyber workforce is a critical infrastructure upon which all other sectors depend. It is incumbent upon us to recognize it as such, actively collaborate to improve it, compensate skilled personnel proportional to their contributions, and work together to ensure that opportunities to enter or advance within the cyber workforce are available to all.
The National Cybersecurity Strategy Implementation Plan, and National Cyber Workforce and Education Strategy are all praise-worthy approaches to improving the US cyber workforce. However, their aspirations could easily prove to be only words if we continue to fail to recognize the cyber workforce as a critical infrastructure.
Editor’s Note: This blog is based on Ms. Hunter’s Workforce Is A Critical Infrastructure: Strengthening the Defenders published in August 2023.]
About the author
Joyce Hunter is a strategic doer, a philanthropreneur, and the Executive Director of the Institute for Critical Infrastructure Technology (ICIT). She was appointed by President Barack Obama to the position of Deputy Chief Information Officer for Policy and Planning at the Department of Agriculture and served in that post from February 2013 to January 2017. In addition to policy and technology planning, Hunter is the creator of the Data Science Camp Inc. for underserved and underrepresented youth, which has entered its 10th year of operation.