The U.S. government has released a data which shows that the shortage of cybersecurity skills is a myth and that its own job fair organized by the Department of Homeland Security this summer was a success. However, experts are wondering if the event was an outlier or a sign of optimism.
The cyber security skills shortage has been discussed in many different ways over the recent years. The U.S in October 2015 planned to hire 6,500 people with cyber security skills by January 2017 and it hired 3,000 by the first half of the year. The two-day long job fair was organized as part of the hiring effort in July which was aimed at filling critical positions to protect Nation’s cyberspace. Angela Bailey, the chief human capital officer at DHS wrote in a blog post on Monday (November 21) that the event garnered "over 14,000 applicants and over 2,000 walk-ins" and culminated with more than 800 candidate interviews and "close to 150 tentative job offers within two days. Close to 430 job offers have been made in total, with an original goal of filling around 350 positions.”
The experience of the U.S. government seems to counter to what industry studies say is actually going on. A report published by Intel security a day before the job fair pointed to a talent shortage crisis of cyber security skills.
Meanwhile, Gunter Ollmann, CSO for Vectra Networks, said although the event "was pitched under the banner of cyber security it is not clear what types of jobs were actually being filled," and some positions sounded more "like IT roles with an impact on cybersecurity, rather than cybersecurity-specific or even experienced infosec roles."
CISO and CTO for Core Security, Chris Sullivan also agreed that the DHS event may not be indicative of the state of the cybersecurity skills shortage.
David Foote, co-founder and chief analyst at Foote Partners, is also skeptical of the government's findings, and says there's really no unemployment among people with cyber security skills, "so why would they go to a job fair?"
According to Foote, the government pays far less to cyber security experts then firms do which is why it may be focusing on hiring people it can train and not on hiring someone with experience and who would command much higher salaries than can government offer.