Strengthening the U.S. Cybersecurity Workforce: A Strategic Collaboration of the U.S. Government, Academia, and Private Sector

Abstract

In today’s digitally interconnected world with everyone’s reliance on and use of the internet and information technology applications, we operate more efficiently, effectively, and expediently. However, the same technologies expose and compromise our data and assets to cyber threats from state-sponsored attackers, criminals, and accidental errors. To protect us from these threats, we need a sufficient, adaptable, and highly capable cybersecurity workforce; however, there is a persistent U.S. cybersecurity workforce shortage that is currently estimated at 660,000 unfilled job openings. Through a comprehensive research and analysis of the interdependent roles and responsibilities of the U.S. government, academia, and the private sector, I chronicled fourteen significant cyber incidents that include Stuxnet, SolarWinds supply chain hack, Colonial Pipeline ransomware, and the CrowdStrike-Microsoft outage. I analyzed the evolving threat landscape, emerging technologies of artificial intelligence and cloud computing, the human factor, and structural factors that impact the cybersecurity workforce. My thesis suggests that the U.S. cybersecurity workforce shortage must be solved through a whole-of-nation approach. With a cross-sector governance of shared milestones, accountability, and performance metrics, a new approach that eliminates fragmentation and siloed efforts is needed to protect U.S. national security undermined by cyber insecurity.