On October 14 and October 15, 2020, top cybersecurity experts will be coming together for the ICIT Fall Briefing 2020. This unique cybersecurity event will be a virtual hands-on collaboration project designed to teach government cybersecurity professionals how to crowdsource solutions for their next cyber crisis.
Featuring a number of collaborative workshops and keynote presentations from the cybersecurity industry’s leading experts, the Fall Briefing will function to teach government cyberwarriors how to operate simultaneously across three horizons: navigating the crisis now, planning for the recovery, and leading the next normal.
In advance of this exciting event, GovDevSecOpsHub correspondent, Caron Beesley, recently sat down for an interview with Joyce Hunter, the executive director at the Institute for Critical Infrastructure and Technology (ICIT), the nation’s leading cybersecurity think tank.
During their discussion, Joyce shared how ICIT is cultivating a “cybersecurity renaissance” – including promoting the role of women in cybersecurity. She also addressed how government agencies can compete more effectively for cybersecurity talent and nurture the next generation of cyber warriors.
Here is what she had to say:
Caron Beesley (CB): What’s the role of ICIT in the cybersecurity ecosystem?
Joyce Hunter: ICIT is a cybersecurity think tank. Our community of fellows are an elite group of nationally recognized cybersecurity and national security leaders who acutely understand the power of meaningful engagement and recognize the importance of the ICIT mission.
ICIT also publishes white papers, maintains a digital library, and provides webinars and podcasts on topics of interest. What makes us different is that we focus solely on cybersecurity. In fact, ICIT is the only cybersecurity think tank in the United States.
CB: How do you view yourself being a woman in cybersecurity, especially a woman that has held so many prominent posts and positions as you have?
Joyce Hunter: It’s a little bit different because there is not a whole lot of us. In 2013, 11 percent of people in cybersecurity were women. By 2019 that number had grown to 24 percent. However, that 24 percent includes any woman that touched cybersecurity, even if they’re typing up a paper or copying some information – not just those in the trenches. So, it’s unclear how accurate that 24 percent number is.
Another important statistic is that women in cybersecurity, whether they are at a managerial level or an analyst level, earn approximately 17 percent less than their male counterparts. And then if you delve further into it, Black or African American people make up only 3 percent of cybersecurity analysts in the United States.
It’s important that we let other women know, girls especially, that this isn’t just for men only. It’s also multidisciplinary. I have a bachelor’s degree in sociology and a master’s degree in marketing. And nothing says technology in there. You must be able to think through problems, creatively think through problems, and you have to have a diverse workforce to compete, that’s what’s important in cybersecurity.
CB: What are the top challenges that you see cybersecurity people facing today?
Joyce Hunter: Finding the right people for the IT workforce, hiring them, and getting them to stay – particularly in the federal government.
We need to shorten the time and recruit them early. I am a firm believer in getting them right out of high school, providing them with internships, paying for their college – just like the military. We give you one year of college, you give us one year of service to the federal government that would at least get a commitment from them for four years. Because we know that the market is tight. It’s estimated in the Washington, D.C. metro area that the cybersecurity workforce opportunities have increased by about 145 percent over the last five years.
CB: Why do you think there’s too little supply in the workforce?
Joyce Hunter: I think it’s because we’re not looking at the entire workforce, we’re focusing on those with a degree or experience. We’re not going into high schools and giving students internships – there’s nothing that says they must have a degree anymore. That ability to be flexible and hire the people that you need when you need them is going to be extremely important to getting that number down. If we can take somebody with a music degree or with a sociology degree and say: “How do you want to learn? Would you like to learn something new, different, exciting, and something that will constantly change?” Because the adversary is constantly changing, so it won’t be boring, that’s for sure.
I would add that cybersecurity often is portrayed as a losing battle. In other words, no matter what you do, you can always be hacked. That can be an inhibition to a young talented person that wants to get into this field. Who wants to play for the losing team? I could go learn about artificial intelligence, or robotics, or some other exciting field and be on the winning team.
CB: We’ve talked about some of the challenges out there. But what are the solutions? How can we go about expanding the cybersecurity workforce? How can we draw more women in how can we draw more people of color?
Joyce Hunter: We must go where they are. We must address more women’s organizations, more women’s groups, and more high school career fairs.
We need to be connected with those public school systems and offer to go in and talk about things like my summer camp for underserved and underrepresented youth. we have a whole section on cybersecurity in which the USDA CISO provided a presentation on why cybersecurity is important and Living Security ran a virtual lockout room. It was absolutely fascinating as students tried to figure out the problems and beat the clock.
Get them young, at 13-14 years old, introduce them to the concepts of cybersecurity and why it’s important, even scare them to death! Let them know that at that young age that whatever they put out on the web, however private, somebody is going to find it.
CB: ICIT has a briefing coming up on October 14-15th. Can you talk about that?
Joyce Hunter: It’s a virtual briefing that will focus on developing a secure roadmap for the future across the federal government, academic institutions, nonprofits, and industry – looking at where we’ve come from and where we need to go to make ourselves more secure.
The format will imitate TV episodes with each episode leading to the other one. Where are we now? And how do we continue to move forward? How do we prepare for the next time? We have some of the top people in the federal government coming to talk to us based on their experience in those areas. Attendees aren’t going to sit there for six hours and listen to talking heads so we plan to have a virtual workshop using Google Jamboard.
For additional information about the ICIT Fall Briefing 2020, or to register online, click HERE.