The Future of Work without Workers

[ This article was originally published here ]

Work Without WorkersMany people are talking about the future-of-work, but how can that even be calculated when the primary element – workers – appears to be in short supply? There has been much focus and discussion on the work-from-home and hybrid models of work, concepts that appeal to a surprisingly large contingent of the population, but they pose significant challenges to security specialists, both in the practical terms of maintaining security and Zero Trust with a distributed workforce, but also in terms of their own work choices: is it actually possible to be a CSSP or even a CISO from home?

This past summer, we posted a white paper entitled Cloud Adoption and the Skills Shortage in which we looked specifically at why a shortage of qualified people is proving to be one of the largest impediments to cloud adoption, and we took in some feedback from Certified Cloud Security Professionals as to what the industry looks like from their inside perspective.

One of the most profound developments to have come from 2021 was The Great Resignation, a term coined by Dr. Anthony Klotz of Texas A&M University, which refers primarily to the skills shortage in the cybersecurity industry. Throughout 2021, the number of people quitting their jobs in the U.S. reached a peak of 4.3 million in August, after increasing throughout the year. According to Dr. Klotz, “plenty of [these] employees don’t really want to resign. If their company would let them keep working from home or do fewer hours, they would stay.

This adds credence to the concept of there being a skills shortage as coming from both ends. Not only are schools not preparing enough people for cyber-related positions, but those who are already in the business are suffering work-related burnout and stress, due to the significant changes brought on by Covid, as well as chronic understaffing that appears rampant in the industry.

In December 2021, the Biden administration announced it would seek to fill roughly 600,000 vacant cybersecurity positions across the US government. This is in part in response to the slow process of bringing people into the Federal workforce.

“It takes way too long to bring people into the federal government,” said Cybersecurity and Infrastructure Security Agency director Jen Easterly to the House Committee on Homeland Security in December. This comes in great measure because of the classic dilemma of needing up-to-date technical skills along with years of formal experience in the industry. Add to this the fact that women hold only 20% of all cybersecurity jobs, and just 3% of the federal government's IT workforce is under the age of 30.

Some suggestions have included training military veterans leaving the service for these positions, and the government is already partnering with nonprofits and companies like Microsoft to “provide training for the faculty of 150 community colleges, providing free curriculum to thousands of US public community colleges, providing scholarships and supplemental resources to 25,000 students.” Microsoft CEO Brad Smith stated that the choice of working with US community colleges is that they are cheaper to attend, are more diverse in terms of graduates, are located in every US state, and are more flexible with their students’ programs.

Two realities are clearly evident as we look to the future-of-work. The first is that the need for cybersecurity specialists has never been greater. The cloud, in all its variances has become central to mission critical business operations, and cybercriminals have in many cases become as sophisticated or more sophisticated than their victims.

The second is that work is not what it was. The term “new normal” is slightly erroneous as it points to a restoration of normality that is only slightly updated. The truth is that the future is much more different than merely a refined version of normal and will not only change the landscape for CSSPs and other cybersecurity professionals, but also for managers and companies who must substantially review and update the way they operate in every area of their business from how emails are sent to how they manufacture or deliver their services.

The skills shortage and the worker shortage are two sides of the same coin – one that can be quickly remedied, but which will require a much more holistic, organization-wide adoption to do so.

How CCSP Certification Can Help You

Earning the globally recognized CCSP cloud security certification is a proven way to build your career and better secure critical assets in the cloud. CCSP shows you have the advanced technical skills and knowledge to design, manage and secure data, applications and infrastructure in the cloud using best practices, policies and procedures established by the cybersecurity member experts at (ISC)².

Achieving CCSP certification provides the added benefit of membership in (ISC)², the world’s largest nonprofit association of cybersecurity professionals, more than 150,000 members strong. (ISC)² provides members with professional development courses through the Professional Development Institute (PDI); technical webinars covering evolving cybersecurity trends; and benefits, such as the (ISC)² Community and InfoSecurity Professional magazine.

Learn more about how CCSP can help you build the skills you need to stand out in cloud security or get your copy of The Ultimate Guide to the CCSP and get started today.