BOISE, Idaho — On Monday, Idaho Gov. Brad Little spoke in his State of the State address of the need for more cybersecurity professionals in the workforce.
After the recent attack in Iran, the Department of Homeland Security also issued a warning for businesses and government entities to be on high alert for cyber attacks.
Because of that, cybersecurity has become a hot topic in Idaho and around the U.S. in recent weeks.
According to data from the National Initiative for Cybersecurity Education, there is currently a shortage of 314,000 cybersecurity professionals in the U.S. That workforce deficit is expected to increase into the millions by 2021.
"There’s never going to be enough resources in terms of IT specialists in the cybersecurity area to really fill the need," said Steve Inch, worldwide security marketing manager for HP. "There’s a massive void in terms of head count and resources.”
Universities like Boise State are doing what they can to try and help fill that void.
JoAnn Lighty, Dean of the College of Engineering at BSU, says they currently offer several different types of degrees related to cybersecurity. That ranges from undergraduate certificates to a PhD in computer science.
In fact, the university just recently had its first doctoral student graduate from the computer science program, with an emphasis in cybersecurity.
Boise State will continue working to grow its educational opportunities.
“One of the most exciting things that we just received is over $800,000 from Idaho with a workforce grant specifically in this area where we’ll be developing an online certification program to help this workforce development,” Lighty said.
When it comes to cyber crime vulnerability, no one is exempt.
“It’s really important that there’s an understanding that this ‘It won’t happen to me’ mentality is irrelevant," Inch said. "The fact is, just plan on having it happen.”
Globally, the pattern for cyber crime is becoming less focused on large websites as targets and instead, hackers are turning their attention more on smaller businesses.
“What we’re finding in terms of the trends – it’s broadening of the targets from core enterprise companies to the small and medium businesses," Inch said. "And we’re also seeing much more destructive attacks that are quicker."
Part of the reason for that is advanced sophistication in the type of coding used. Techniques like machine learning and artificial intelligence are creating cyber needles in an online haystack.
With new malware being created every 4.2 seconds, Inch says those factors all combined make it increasingly hard to detect when someone, or something, has been hit.
“The statistic is for the mid-size to enterprise company, the detection of a breach is about 201 days,” he said.
Those breaches are costing companies millions every year. According to Inch, the average cost per company from cyber crime in 2017 was $11 million. Now, that cost has increased to an average of $13 million.
When it comes to taking preventative measures, Inch said check your privacy settings on your browser and frequently-visited websites. Also be sure when buying a product to check how it was developed and manufactured - make sure it was designed with strong software and secure features.
Most importantly, when it comes to cyber threats, Inch said the most important factor is awareness.
“Don’t think of it as, ‘It’s not going to happen to me,’" he said. "Assume you’re going to be attacked. It’s not a matter of ‘if’ – it’s a matter of ‘when.’”