CISA Shores Up Workforce to Protect Organizations From Cyberattacks

June 8, 2022 by Alexa Hornbeck
CISA Shores Up Workforce to Protect Organizations From Cyberattacks
Employee Engagement at the National Cybersecurity and Communications Integration Center via U.S. Department of Homeland Security Flickr

WASHINGTON — The U.S. Cy​​bersecurity and Infrastructure Security Agency has issued a series of warnings to health care systems and other organizations that Russia’s invasion of Ukraine could increase the risk of malicious cyberattacks. The agency now seeks to increase the cybersecurity workforce to meet the rising demand.  

“Building the cyber workforce is a major priority for CISA. The United States has an estimated 500,000 vacant cybersecurity jobs, more than 35,000 within the government,” said Michael McCarthy, spokesperson for CISA, in an email to The Well News.

The U.S. cybersecurity workforce needs to increase by 65% to fill all the unknown demand in cybersecurity, according to a 2021 report from the International Information System Security Certification Consortium known as (ISC)², a non-profit organization which specializes in training and certifications for cybersecurity professionals and consists of over 140,000 members.

Data from another (ISC)² report shows that only 24% of the cybersecurity workforce is currently women. 

“Without women pursuing careers in cybersecurity, the industry is missing out on more than half of the population’s talent pool. The gender gap that exists in the cybersecurity workforce contributes to the overall cyber workforce shortage that persists in the United States and globally, which ultimately makes us less prepared to deal with the threats of today and tomorrow,” said McCarthy.

McCarthy said CISA awarded $2 million to develop cyber workforce training programs to better recruit workforce talent, and has established partnerships with organizations like Girls Who Code, Girl Scouts, and CYBER.ORG

CISA also partnered with Mass Insight Education & Research on May 31, to introduce nearly 300 Massachusetts Advanced Placement® STEM and English students from 15 bay state high schools to cybersecurity scenarios and concepts, as well as post-secondary education and career paths, during a four-hour virtual field trip.

“We are therefore focused on inspiring the next generation of … talent, long before they enter the workforce,” said McCarthy.

The ransomware attacks specifically on hospitals have in some cases necessitated diverting patients to other hospitals and led to an inability to access patient records to continue care delivery, according to a notice released by CISA for health care systems and public health sectors to prevent cyberattacks. 

According to the notice, cyberattacks can also expose sensitive patient information and lead to substantial financial costs to regain control of hospital systems and patient data. 

“The big risk is we have a whole lot of small and medium size businesses that aren’t shoring up their cyberdefense,” said Clar Rosso, CEO of (ISC)²,  during a phone call with The Well News. 

The 2021 survey from (ISC)² was taken by nearly 5,000 cybersecurity professionals, and shows that while the cybersecurity workforce increased globally during the COVID-19 pandemic by 700,000 individuals, the demand for professionals shrunk overall. 

“You would have expected the demand to have gone way up,” said Rosso. “And it did in all parts of the world except Asia-Pacific.”

The greatest decrease in workforce demand was seen in Asia, as Rosso said companies in this region have recovered more slowly from the pandemic and in such situations, organizations tend to view cybersecurity as an expense instead of a strategic imperative.

The COVID-19 pandemic also transitioned many in-person jobs to remote work, which Rosso said opened up a whole host of vulnerabilities to organizations who do not have protected networks.

“When you’re working in an office, [an employer] would likely have secure Wi-Fi but you’re in a closed network. When everyone in your organization is working from home and everyone is logging in from different locations … it creates vulnerability,” said Rosso.

Rosso said that in the 2021 survey cybersecurity professionals were asked what happens when you don’t have enough cybersecurity staff. 

“What they said is, we misconfigure systems, we don’t spend enough time on proper risk assessment and management, we rush deployment of new technology oversight in process and procedures, and we don’t do enough threat-hunting to look for vulnerabilities,” said Rosso.

In 2019, (ISC)² surveyed 192 respondents specifically from the health care sector, and found that 41% of respondents felt they needed additional certifications and training for future roles.

Nearly 28% of the respondents felt they needed to develop skills like cloud computing security or intrusion detection skills in the next two years to advance in their careers. 

The data from (ISC)² also shows that 58% of the cybersecurity workers in health care were men, and most held job titles as an IT manager or IT director, and had held those positions for about 11 years.

“There are a lot of connected devices in a hospital, like digital record keeping. There is a dependency on connected devices to provide top notch medical care, and if you don’t have someone looking at those systems … [such as] a software update that needs to be done, your risk [of cyberattacks] increases,” said Rosso.

The president’s FY 2023 budget request includes $2.5 billion in funding for CISA, nearly the same amount as the FY 2022 levels for the agency. 

The budget request includes funds for CISA to increase engagement with cybersecurity stakeholders, ramp up cyberdefense and education and training, and provide grants to support additional K-12 cybersecurity education programs. 

“The Appropriations Committees will now begin discussions on their FY 2023 funding bills, and budget hearings for the agencies will commence in the coming weeks,” said Rosso.

Alexa can be reached at [email protected] 

A+
a-
  • CISA
  • Cybersecurity and Infrastructure Security Agency
  • In The News

    Health

    Voting

    In The News

    December 10, 2023
    by Dan McCue
    Carter Votes For Cares Act Even As Hyundai Speeds Construction of Georgia EV Plant

    WASHINGTON — It was a matter of preserving consumers’ choice in the face of federal mandates. That’s how Rep. Buddy... Read More

    WASHINGTON — It was a matter of preserving consumers’ choice in the face of federal mandates. That’s how Rep. Buddy Carter, R-Ga., explained his vote last week in favor of the Choice in Automobile Retail Sales Act, even as the Hyundai Motor Group is rushing to... Read More

    December 10, 2023
    by Dan McCue
    BP Completes Tech Upgrade of Indiana Wind Farm

    HOUSTON — Oil and gas giant BP recently fulfilled a major goal of its renewable energy division, completing what it... Read More

    HOUSTON — Oil and gas giant BP recently fulfilled a major goal of its renewable energy division, completing what it calls a “major” technology upgrade at its Fowler Ridge 1 wind farm in northwest Indiana. The upgrade included the installation of two new Vestas turbines expected... Read More

    December 10, 2023
    by Dan McCue
    Hydrogen Fuel Equipment Company Expanding to South Carolina

    LONGVIEW, N.C. — OneH2, a hydrogen fuel equipment manufacturer, is opening a new production facility in Clover, South Carolina. The... Read More

    LONGVIEW, N.C. — OneH2, a hydrogen fuel equipment manufacturer, is opening a new production facility in Clover, South Carolina. The building, which is more than 246,000 square feet, was recently purchased by OneH2 from the Belmont Land and Investment Company LLC. The facility, which is surrounded... Read More

    December 8, 2023
    by Dan McCue
    Appeals Court Largely Upholds Trump DC Gag Order

    WASHINGTON — A federal appeals court panel on Friday largely upheld a gag order imposed on former President Donald Trump... Read More

    WASHINGTON — A federal appeals court panel on Friday largely upheld a gag order imposed on former President Donald Trump in the criminal case accusing him of trying to overturn the results of the 2020 election, but loosened it just enough to allow criticism of the... Read More

    December 8, 2023
    by Tom Ramstack
    Hunter Biden Indicted on Felony Charges Alleging Years of Tax Evasion

    LOS ANGELES — A Los Angeles grand jury indicted Hunter Biden on tax charges Thursday. The nine-count indictment alleges Biden... Read More

    LOS ANGELES — A Los Angeles grand jury indicted Hunter Biden on tax charges Thursday. The nine-count indictment alleges Biden failed to pay $1.4 million in taxes over four years. The Los Angeles indictment follows similar tax evasion charges this year in Delaware. Biden also is... Read More

    December 8, 2023
    by Dan McCue
    FDA Approves a CRISPR-Based Medicine to Treat Sickle Cell Disease

    WASHINGTON — The Food and Drug Administration on Friday approved the world’s first medicine based on CRISPR gene-editing technology for... Read More

    WASHINGTON — The Food and Drug Administration on Friday approved the world’s first medicine based on CRISPR gene-editing technology for the treatment of sickle cell disease. The new treatment, called Casgevy, was manufactured by Vertex Pharmaceuticals, of Boston, Massachusetts, and CRISPR Therapeutics, of Switzerland, using a... Read More

    News From The Well
    scroll top