Governance & Risk Management , Incident & Breach Response , Managed Detection & Response (MDR)
Tackling the D.C. Security Skills CrisisWaddell of (ISC)² on Value of Associate's Program to Bolster Agencies
The scale of the global IT security skills crisis is well documented. But what is its direct impact on cybersecurity with the government agencies of Washington, D.C.? Dan Waddell of (ISC)² discusses the problem - and a new way to address it.
"The message is loud and clear: The time for action is long overdue," says Waddell, (ISC)² Managing Director, North America. And in D.C., there is an acute shortage of cloud security skills, he says.
"Cloud security is one of the skills specifically identified by our federal government partners as the next big skill that's really in demand," Waddell says.
But that's just one among many in-demand skills, and as a result of the skills gap, security leaders lack confidence in the cybersecurity of their agencies. Waddell cites one recent survey result: "Only 2 percent [of respondents] strongly felt the federal government is capable of detecting ongoing cyber attacks," Waddell says. "That's a pretty powerful number."
In an interview about mitigating the security skills crisis in government agencies, Waddell discusses:
- Impact of the skills crisis in these agencies;
- How the (ISC)² Associate's Program can help fill gaps;
- How government agencies can better collaborate with (ISC)².
Waddell is responsible for managing operations in the North America Region, which primarily focuses on supporting U.S. and Canadian members, customers and strategic partners. He also leads all U.S. government affairs activities and is the primary (ISC)² official responsible for interacting with public sector entities (i.e. federal, state and local governments); major corporations; universities and other higher education institutions; and professionalization organizations throughout the U.S. Waddell serves as the principal point of contact for various trade associations; public interest groups and other entities focused on information security and information security workforce issues. He has over 20 years of experience in information technology, information assurance, and cybersecurity, with over 15 of those years in management.