From...

August 16, 1999
Web posted at: 11:57 a.m. EDT (1557 GMT)

by Patrick Thibodeau

INTERACTIVE

Has too much been made of the threat of cyberterrorism? Yes No View Results

WASHINGTON, D.C. (IDG) -- Federal officials are looking at ways to prevent an "electronic Pearl Harbor" -- a sneak cyberattack. But in a situation somewhat parallel to the plight of the undermanned and unprepared military in 1941, the federal government is facing a tremendous shortage of people needed to fight any future cyberwar.

Over the next seven years, the government will have to replace more than 32,000 information technology workers -- almost half of the 71,000 IT workers employed by federal agencies, according to a recent study by the federal Chief Information Officers Council. Much of the turnover is the result of rise in the number of employees eligible for retirement.

Of most concern is the need for IT employees with information security skills, according to a recent federal report urging the creation of a massive intrusion-detection system to protect federal and critical private systems, such as energy, telecommunications and transportation, against cyberattack.

MORE COMPUTING INTELLIGENCE
	IDG.net home page
Computerworld's home page
Computerworld Year 2000 resource center
Computerworld's online subscription center
Reviews & in-depth info at IDG.net
IDG.net's personal news page
Year 2000 World
Questions about computers? Let IDG.net's editors help you
Subscribe to IDG.net's free daily newsletter for IT leaders
Search IDG.net in 12 languages
News Radio
	Computerworld Minute
	Fusion audio primers

The national cyber protection plan recommends funding information security programs at universities and offering scholarships to students in exchange for a commitment to work at federal agencies. Such programs may ultimately benefit private companies.

Only a handful of universities now offer programs in information security. "Security hasn't made it into the mainstream of academe," said Lance J. Hoffman, a professor of computer science at George Washington University in Washington.

So most IT students study to become programmers or Windows NT experts, while security specialist tend to get their training on the job, said Paul Jansen, manager of information security at loan guarantor and administration company USA Group Inc. in Indianapolis. When he hires, "I'm hiring other companies' security people," he said.

If more universities offer security training, "I'm going to get people who have a better understanding of what our profession is all about," Jansen said.

Throughout the industry, companies are having a tough time hiring IT workers with security skills. "I consider the need dire," said Richard Power, editorial director at the Computer Security Institute in San Francisco.

Salary issues, in particular, make it hard for federal agencies to compete with the private sector. Government IT workers often start at salaries of less than $25,000, and the federal security plan recommends improving pay.

There is "fierce competition" for IT workers with security skills, said Timothy Grance, manager of systems and network security at the National Institute of Standards and Technology. But a pay-for-performance salary program and the promise of working on research projects have been hiring incentives, he said.