Apple Phone Case Exposes Stubborn Skills Gap
Like many of us in the cybersecurity industry, I paid close attention to the recent fight between the FBI and Apple over an encrypted phone.
When the case ended abruptly with the FBI’s announcement that the phone had been accessed without the help of Apple – but instead with the assistance of a private company – I wasn’t surprised. Physical security is the primary component of data security and it was only a matter of time until the device was unlocked. Moreover, the news reports speculating the firm assisting the FBI was from Israel, and not the United States, were also not a shock.
Why? Because the scenario with Apple and the FBI is just another example of a disturbing trend in the American tech industry. There is a significant shortage of people with qualified skills for technical jobs at hand.
Both the public and private sector are having difficulty finding and retaining people with technical skill sets for available jobs. Last week, I met with a private sector program manager in the intelligence community, and she confirmed they presently have over 900 job openings in their cyber division. In the public sector, where compensation is lower and incumbents are becoming more of a liability than an asset, it is even worse.
Why the skills gap? I believe there is a clear disconnect between what is taught in schools and what cyber teams across all industries actually need. Our K-12 education system barely gives programming a hand wave. In addition, what is taught in most universities is insufficient, often industry specific, and leaves graduates unprepared to overcome real-life cyber security obstacles, even at the most basic levels. Once working in the industry, there are few structured programs available for ongoing education.
So, what to do? Our early education system needs to dig deeper to promote the skills that our businesses – and our students – actually need. Here are some ways to start:
- Foreign language requirements should be replaced with programming language requirements, or at least offered as an alternative for the same credit. In the next 10 years, jobs will go to individuals that “speak” Python over those that know a second spoken language.
- The tech industry must increase partnerships with schools and professional organizations to show people what careers in cybersecurity look like. Security teams should host cyber boot camps as a vehicle for the curious to spend time in the trenches learning how it’s done.
- Lastly, we need to start embracing the coding boot camp model. It’s the closest analog the information security community has when it comes to ongoing education, or re-education for those in adjacent technical fields that want to make the switch. Many of the people I’ve met through these programs have degrees in other fields and are looking for formal training around the passion they’ve recently discovered so they can make a career out of it.
At PKWARE, we are committed to working closely with local universities to better prepare students for careers in technology. We have instituted an internship program to help create a greater pipeline of skilled employees as the need for qualified people in technology continues to grow rapidly. Our mission captures individuals in such a way that drives them to pursue careers in data security. Hopefully more security and technology organizations will see the need to bridge the skills gap and create similar educational opportunities for students. By doing so, I believe we will be helping to make our world more secure for the future.