The lack of people with cyber security skills requires urgent attention, says Mark Weatherford, deputy under-secretary for cybersecurity at the US Department of Homeland Security (DoHS).
“This is urgent not only from a general security point of view, but particularly from an economic security point of view,” he told the Cloud Security Alliance Summit at RSA Conference 2013 in San Francisco.
The study found that the shortage of skilled information security professionals is having a profound effect on the global economy as it is leading to more frequent and costly data breaches.
According to Weatherford, no organisation can say they have all the cyber security talent they need.
“The DoHS can’t find enough people to hire, and there are not enough people in the pipeline to protect companies, critical infrastructures and governments in future,” he said.
Weatherford said that from a national and international perspective, it is important to come up with ways of boosting the number of people entering the information security profession.
“Governments, business and the IT security industry need to work together to make cyber security more visible and attractive as a career,” he said.
Read more on Cyber Skills
An important obstacle to overcome, said Weatherford, is the perception that people need a college degree to work as an information security professional.
“Probably the five smartest people I know in information security never went to college,” he said.
According to Weatherford, qualifications should not be the only way of deciding whether people can do the job.
“Sometimes it is better to spend time breaking things and taking them apart to understand how they work,” he said.
Weatherford called on all businesses to contribute to creating interest and opportunities in cyber security by sponsoring school and college teams in cyber security competitions.