Especially as a result of the COVID pandemic, cybersecurity is becoming more and more important to our defense, economy, and personal safety. And recent estimates show that the gap is 4 million (!) people between the number of cybersecurity professionals needed and those available with the requisite skills and experience. And that number is likely LOW, as it was estimated before the COVID pandemic took hold.
How can we close that gap as quickly as possible? This article summarizes a 2-part strategy:
1. Adopt AI and Machine Learning technology more broadly for 'routine' security work. Most cyber attacks follow detectable patterns that an 'intelligent machine' can spot, and possibly neutralize on it's own with responses known to be effective. This would allow the human experts to focus on the truly unique attacks.
2. Bring in more veterans. This pool of talent already knows the importance of the mission of national defense can likely be quickly trained, and has experience in working together on similar issues.
As cybersecurity is obviously becoming more and more urgent for governments, businesses, and individuals, I think this strategy is worth considering and discussing more broadly for rapid adoption.
Most attacks are not invisible and undetectable — the attackers are able to rely on the fact that network defenders cannot be watching everywhere at all times, that even if they detect a potential attack it is difficult to determine a genuine threat from a benign anomaly, and that even if a malicious activity can be detected in progress it can be difficult to ascertain how to respond in real time.