The Aspen Cybersecurity Group announced commitments from 15 companies – including Duke Energy, AIG, Apple, Cloudflare, Cyber Threat Alliance, Facebook, Google, IBM, IronNet, Johnson & Johnson, Northrop Grumman, Symantec, Unisys, Verizon and PwC – to address the mounting shortfall in the nation’s cybersecurity workforce.
The Aspen Cybersecurity Group is the nation’s highest-level, multidisciplinary convening of cybersecurity experts.
Co-chaired by IBM CEO Ginni Rometty, Congressman Will Hurd (R-TX), and Lisa Monaco – former White House Homeland Security and Counterterrorism Advisor – the Group comprises 38 business executives, security practitioners, researchers, and former government officials dedicated to devising and executing nonpartisan solutions to cybersecurity challenges. Its mission is to solve, not merely observe, cybersecurity problems.
According to IBM CEO Ginni Rometty, “IBM is proud to co-chair the Aspen Cybersecurity Group’s effort and lead the Group’s workforce initiative.
“By adopting these principles and scaling educational programs where skills matter more than degrees, businesses working together will create new economic opportunity in our communities and address cybercrime, one of the biggest threats facing the public and private sectors today.”
Cybersecurity skills are in short supply; unfilled cybersecurity positions have grown by 50% since 2015.
According to the Aspen Cybersecurity Group’s report on Principles for Growing and Sustaining the Nation’s Cybersecurity Workforce, there will be at least 500,000 unfilled cybersecurity jobs in the United States by 2021. Other research tells a similar story, with one study projecting 3 million cybersecurity job openings around the world by 2021.
Among the Group’s key findings are that employers are leaving large pools of skilled candidates untapped, in part because of overly complex job requirements that disqualify more than 50% of applicants.
Fifteen senior industry representatives in the Aspen Cybersecurity Group are committing to adopt three of the Principles for Growing and Sustaining the Nation’s Cybersecurity Workforce:
- Widen the aperture of candidate pipelines, for example by expanding recruitment focus beyond applicants with four-year degrees or using non-gender biased job descriptions.
- Revitalize job postings to be engaging and to focus on the core requirements; don’t ‘over-spec’ the requirements.
- Make career paths understandable and accessible to current employees and job seekers, referencing models like the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework where applicable.
“For many years, the cybersecurity community has been struggling to build a more robust, inclusive cyber workforce pipeline,” said John Carlin, Chair of the Aspen Institute’s Cyber & Technology Program.
“With these commitments, some of the nation’s largest employers will demonstrate the relatively simple measures that others can take to expand their search for cybersecurity talent. For example, present hiring practices can overlook potential cybersecurity experts who do not come from a traditional computer science background. We want to change that.”
The Aspen Cybersecurity Group invites other employers in the private and public sectors to join the effort to widen the pool of candidates for roles in cybersecurity and to make the fast-growing, in-demand positions more accessible.