Research Paper on Cybercrime and the Supply and Demand for Cybersecurity Professionals

Introduction

Globally, cybercrime is becoming one of the biggest problems with its threats targeting individuals, businesses, and governments. Millions of people are accessing the internet today in even the remotest regions. The government itself is using information technology (IT) systems in large for its daily activities. However, lots of billions are being spent every year to support and operate those systems and the rate is expected to grow by 3% by 2020 (Norris et al., 2018). In these real-time conditions, cyber-security and forensic specialists are progressively dealing with extensive cyber threats. As cyber threats increases, shortages of properly trained professionals also increase. As a result, thousands of jobs in information security are left unfilled making the demand for cyber-security workers outpace its supply.

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

Research Questions

To complete the research, the paper explores the following research questions:

1. What issues is the nation facing with cybercrime that is leading to such a high demand for professionals in the field?
2. How will the lack of individuals to fill the increasing amount of vacancies in the cyber-security field affect the nation's ability to combat cybercrime as it is on the rise?
3. How will the nation fill these vacancies while maintaining control?

Issues at the Nation on Cybercrime

Today, the nation is facing a big multi-dimensional problem of cybersecurity. As a result, there is a high demand for professionals in the field who can help in protecting all systems of IT from attack and in mitigating after the attack. Often, local governments are usually involved in maintaining and storing substantial amounts of sensitive information such as PII or personally identifiable information (Norris et al., 2018). However, they are usually vulnerable to a cyber-attack such as names and addresses of individuals, health records, numbers on social security and on credit cards, driver's license information, etc. The IT systems of the local government keep and maintain these data due to the diversity of interactions of citizen-local government especially in areas of water and sewer bills payment, fines and fees payments, signing up for recreational activities, and many more. Many local governments have encountered breaches of data, PII exfiltration, and liberate demands of information systems and data. A report given from the Privacy Rights Clearinghouse showed that since 2011, there have been 286 breaches in local, state, and federal governments with 195 being from state and local levels (Norris et al., 2018). Also, there have been incidents of hacking or malware and stealing PII as well as ransom smaller number of insider breaches. Furthermore, the report indicated that since 2011, 257 educational establishments have been breached with 200 being from public facilities (Ramdinmawii, Ghisingh & Sharma, 2014).

Another issue in the nation on cybercrime is the constant cyberattack of websites of most public, non-profit and private organizations. A study conducted indicated that every two to three months, the US government experiences data breaches with the federal government experiencing breaches every nine weeks and the local and state agencies every 12 weeks (Cabaj et al., 2018). Such websites are used globally and mostly, they are usually prone to two major vector attacks. One of them is the fact that irrespective of the size of the company, these websites are used in providing information and services online. In some instances, this information is usually legislatively mandated particularly for the government. The web presence of government is tied to e-government and significantly, it provides citizens with online access to information and services thus being able to interact with personnel of the government. Websites with data-driven backends like hard drives and servers containing data of the company and forms of accepting input are attacked using various 'injection attacks' (Cabaj et al., 2018). Here the attacker tries to place malware or malformed input into a backend thus causing it to run the certain code. For instance, the SQL injection attacks the government's database that has information. The other part of vector attack is through internet use of enabling technologies particularly social media, email, and mobile apps. Here, spear phishing is used in attacking specific targets. The criminals of the cyber publicly collect available information from sites like Facebook which helps them in constructing a person's profile and in crafting email messages that are specific. Such emails entice the end-users in opening the attachment and in turn install malware on their devices.

Another issue is that cyberattacks have been organized by not only state actors like the national governments, but also by other non-state actors like terrorists and financial criminals and this is a serious problem for the country. Based on US and world economies, cybercrime is very expensive costing more than $400 billion every year (Norris et al., 2018). Due to the increase in cybersecurity threats in the nation, the demand for skilled professionals in the field is increasing drastically so as to fight the big giant in the country.

Effects of Shortages of Professionals' Cyber-security on Nation

In recent years, the epidemic of cybercrimes has been escalating rapidly making most companies and governments of the nation struggle in hiring enough qualified professionals that can safeguard against the growing threat. Some trends indicate that there are over 1 million unfilled positions and this is expected to rise in the upcoming years. The lack of individuals to fill the increasing amount of vacancies in the cybersecurity field can affect the ability of the nation in combating the rising cybercrimes. One way this can affect the nation is lacking a strong, smart digital workforce that is essential in combating the sophisticated cybersecurity threats emanating all over the world. For this workforce to be successful, it requires a combination of technical skills, domain-specific knowledge, and social intelligence. Dawson and Thomson stated that "a highly-skilled, motivated and passionate cybersecurity workforce is critical in the protection of internet's security" (2018). However, this workforce must not be developed based on only technical knowledge, but also on social traits. If the nation lacks this cybersecurity workforce, then it will lack the right personnel of communicating cyber threats to less technologically confident decision-makers in the management of human resources.

The lack of cybersecurity professionals in the nation will lead to a considerable increase in cyber-attacks and the erosion of the trust of the consumer in the capability of protecting the internet. A report given indicated that ransomware is expected to increase by 350% in the coming years with spoofing or business email compromise (BEC) rising by 250% and spear-phishing attacks increasing by 70% in most private and public organizations. Consequently, it will increase the average cost of managing such cyber-data breaches to around $7.5 million every year (Norris et al., 2018). These risks are expected to grow significantly from third-party vendors to information theft like personnel identifiable information and trade secrets. This is further complicated as integration increases between nation-state cyberattacks groups and criminal cyberattacks groups thus leading to more sophisticated cyber attacks that are hard to manage. On the other hand, the trust of the consumers is slowly eroding thus influencing the driving growth of most businesses and shared prosperity in the nation. Often, consumers feel secure when a more resilient and secure internet is constructed which significantly helps to improve workforce performance. Due to the dramatic increase in cyber attacks, consumers' trust drastically decreases making it hard for them to thrive in an enabling technology world.

Filing the Vacancies

In America, it is estimated that there are more than 300,000 unfilled cybersecurity jobs and the number is expected to increase by 2021 (Ayereby, 2018). To exacerbate the situation, the nation is expected to think and act fast. While maintaining control, the nation can fill these vacancies by creating an online resource where it can advertise jobs and give online training for job seekers. Sites like niccs.us-cert.gov. Organizations that are non-profit groups can be used to help the less fortunate and the veterans in accessing training while searching for jobs. Despite the current shortage of qualified candidates, Simons (2018) stated that certification is not necessary. However, the candidate must be able to demonstrate the capability of thinking like a malicious hacker. The candidate must also try to have profound knowledge in programming, networks, or system administrations (Simons, 2018). Another way the nation can fill these vacancies is by building the skills of employees that they already have. The government can try to sponsor its employees by offering them training and educational programs both in-person and online courses. Lectures and seminars should be throughout to ensure that the employees gain both technical and soft skill that is required in managing the big issue of cybercrimes. Also, the government should add cybersecurity practitioners to their workforce so as to increase competition between the public and private sectors. As a result, the gap between the supply and demand will diminish hence being able to overcome any challenges of cybercrimes.

Additionally, the government should create awareness to the general population on opportunities available for a career in cybersecurity. This will ensure candidates' supply is expanded in filing the roles that will, therefore, make the career more achievable and discoverable to the whole population. As a result, cybersecurity will become everyone's business in society. Additionally, the government should add cybersecurity practitioners to their workforce so as to increase competition between the public and private sectors. As a result, the gap between the supply and demand will diminish hence being able to overcome any challenges of cybercrimes.

Conclusion

As cybercrimes increases and continues to grow, the gap in professional cybersecurity also continues to rise and to widen. The growth in skills demand is outpacing supply growth and large pools of skilled individuals are left untapped. The whole nation is at risk of continued cybercrimes which significantly is bringing an increase in ransomware, spoofing or business email compromise (BEC), and spear-phishing attacks. Due to this, the nation is expected to act fast so as to hinder its spread. By doing so, the government should fill the cybersecurity jobs in the country so as to reduce the wide gap of insecurity. It is important that the nation keep the skills of the workforce of the American up to date so that the newly learned skills can be essential even in the future world technology of the country.

References

Ayereby, M. P. M. (2018). Principles for Growing and Sustaining the Nation's Cybersecurity Workforce. Aspen Cybersecurity Group, 23(113). https://assets.aspeninstitute.org/content/uploads/2018/11/Aspen-Cybersecurity-Group-Principles-for-Growing-and-Sustaining-the-Nations-Cybersecurity-Workforce-1.pdf

Cabaj, K., Kotulski, Z., Ksiezopolski, B., & Mazurczyk, W. (2018, July 10). Cybersecurity: trends, issues, and challenges. https://jis-eurasipjournals.springeropen.com/articles/10.1186/s13635-018-0080-0

Dawson, J., & Thomson, R. (2018, June 12). The future cybersecurity workforce: Going beyond technical skills for successful cyber performance. Frontiers in Psychology, 9. https://www.ncbi.nlm.nih.gov/pmc/articles/PMC60...