TRENDING:

Security Workforce: A Report Card

Prof. Diana Burley on Skills Needed to Grow the Field Tom Field (SecurityEditor) • June 24, 2014     15 Minutes   
Security Workforce: A Report Card
Diana Burley
Recognizing the security workforce shortage is one thing. Addressing it is quite another. What will it take to truly grow the workforce? Diana Burley of The George Washington University shares her vision.

Burley is an educator by profession. In fact, she was just named Cybersecurity Educator of the Year by the Colloquium for Information Systems Security Education. So, it is natural to ask her to assign a letter grade to the state of today's IT security workforce.

Burley gives high marks to the pros working in the security trenches. But for those in business, government agencies and education who are trying to address the global IT security workforce crisis, she is less generous. "We have a lot of work to do in getting us up to speed," she says.

Why does the security industry struggle so much with the workforce challenge?

"One of the things we have to focus on is that this is not solely a technical endeavor," Burley says. "Technical skills are certainly a requirement for many of the jobs within this field. But we also need individuals who understand the business, who understand the risk and are able to conduct risk analyses, who understand how to communicate effectively with different audiences."

Training such multi-disciplined people is one issue. But it also is a daunting task to find organizations that can bridge their own silos and find a place for refined security professionals.

Source of Frustration

What frustrates Burley most in her efforts to address the workforce crisis?

"Time," she says. "It takes an incredible amount of time to educate people, and that can be very frustrating because we do want people to get into the workplace right now."

Communication is also a frustration. "We talk past each other quite a bit," Burley says, referring to government, business and academia. "Everyone is trying so hard to solve the problem ... that it's very difficult to take a moment and understand the perspective of the other sectors, so that we can figure out how to best leverage each other and work more efficiently."

In an interview about the state of the IT security workforce, Burley discusses:

  • Her assessment of today's workforce and its readiness to protect critical infrastructure;
  • New insights on professionalizing the workforce;
  • What it will take to attract the right people to the field.

Burley is a professor of human and organizational learning within the Graduate School of Education and Human Development at The George Washington University. She has spent more than 15 years as a researcher and professor designing and evaluating computing education programs to build the IT workforce. She co-chaired the 2013 National Research Council report on professionalizing the nation's cybersecurity workforce, has been twice appointed (2012, 2013) to the Virginia General Assembly JCOTS Cyber Security Advisory Committee, directed the NSF Cyber Corps program, and has been honored by the Federal CIO Council. Burley also was named to the CareersInfoSecurity list of 2014 Influencers.

Previous
How Can Women Advance? Let Them Fail
Next
BYOD: Bring Your Own Disaster?



Around the Network

How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.eu, you agree to our use of cookies.