States Get Creative to Address Cybersecurity Shortfalls

Virginia has made it no secret that the state aspires to be a leader in cybersecurity. But with cybersecurity talent shortages across the country expected to reach 1.5 million by 2020, the state has decided to get creative in filling these critical positions.

And its efforts are starting to show fruit.

In June, the first graduates emerged from a free program called Cyber Vets Virginia, which provides veterans with cybersecurity training opportunities and resources. In turn, the state makes its way toward filling an estimated 17,000 cybersecurity vacancies.

Launched last year by Gov. Terry McAuliffe, who is bullish on technology initiatives, the project is made possible through the commonwealth’s partnerships with Cisco Systems, Fortinet, Onward to Opportunity, Palo Alto Networks and others.

“Cybersecurity is a key pillar in the new Virginia economy and filling the cyber workforce pipeline is critical to sustaining long-term industry growth in the future,” said Secretary of Technology Karen Jackson in a press release on the launch of the program.

To help veterans find and fill these open positions, the program also offers access to job preparation resources, such as resume writing, job pairing and interview prep, through a partnership with Hire Heroes USA, StateScoop reports.

About 40 veterans participated in the last round of classes with 40 more participating online, doubling the amount of veterans that took advantage of the first round of the program, John Malfitano, a program manager with the Institute for Veterans and Military Families, told StateScoop.

"It's free, but nobody promised them that it's easy," he said. "They've got to work and complete the coursework. … Obviously, we want to get a number of people into the program, but we get measured on how many people are completing their courses, how many people are getting certified and the people that are getting jobs."

SIGN UP: Get more news from the StateTech newsletter in your inbox every two weeks

Michigan Calls on Volunteers to Fill Cyber Gaps

Compounding the lack of cybersecurity talent in the workforce for state and local governments is that 80 percent of states lack the funding to develop sufficient cybersecurity defenses.

Michigan, however, has found a way to overcome the shortfall in funding and talent by putting together something of a volunteer firefighting force for cyberattacks.

The state’s Michigan Cyber Civilian Corps, MiC3, is a team of 59 highly trained volunteers standing at the ready to step in and assist the state if it’s hit with a devastating cyberattack.

“These are the guys who come in while the house is burning,” Paul Groll, Michigan’s deputy chief security officer who oversees the team, told Government Technology. “They can help stop the damage and try to find out what the bad guys are doing and kick them out as soon as possible and set up the victim for a successful recovery.”

Despite being in existence for three years, the state has yet to call on the group, the site reports, because while the state has suffered several smaller cyberattacks, the group is activated only when the governor declares a state of cyber emergency.

However, with the ability to effectively fight cyberattacks becoming more critical each day, Government Technology reports that the state is also mulling a bill currently in the state Senate that would broaden the role of MiC3. The larger role would allow the team to assist smaller agencies and organizations, such as cities, schoolboards and police departments, if they are hit with less critical cyberattacks.

“These smaller organizations need help,” said Dan Lohrmann, chief security officer for Security Mentor, a national security training firm that works with states, in the Government Technology article. “And this can help younger cyber pros get hands-on experience and grow the overall pool of cyber talent in Michigan.”