A few weeks ago it was discovered that the hackers behind the Target Corporation’s data breach reportedly entered the company through a subcontractor. According to the cyber-security blogger who first revealed the attack, the hackers gained access to the company’s network by using credentials stolen from a refrigeration, heating and air conditioning subcontractor.
The attack that was revealed to the world on Wednesday December 18, 2013, made many of Target’s shoppers’ possible victims of identity theft. While many are covering what that means for individuals, I have started to wonder what that might mean for local businesses, governmental agencies and even job seekers.
At the moment we can only speculate on what could occur as a result of the attack. Once the dust settles on the customer piece we may start to hear and see some of the effects on businesses and organizations, but for now let’s just put on our tin foil hat and dive in.
For any business or organization that knows about the cyber attack, this is a warning. While some might feel they aren’t a large enough business to worry about such an attack, the fact that the hacker went in via a subcontractor should tell any business or organization of any size, you are not safe. While not every business has the footprint that Target does, this data attack still shows that no one is safe from being a victim and/or creating a partner a victim.
The trickledown effect of an event like this can mean many things. The cost of products and services provided by a business could increase. This affects both what the subcontractor offers the business, as well as what the business provides the public. Both the business and the subcontractor might have to hire more people and purchase more software to not only fix already identified leaks, but to also take preemptive measures to make sure leaks and attacks don’t occur in the future.
This can also be bad news for businesses that work with governmental agencies and vice versa. Will the government roll out new regulations and requirements for protection of data against cyber attacks? If new regulations are created, how detailed will they be and what will that mean to the bottom line? What new systems will have to be put in place, and what old ones will have to be upgraded or even possibly replaced? Could the new requirements make government contracts less likely to be sought after? This could definitely have an effect on the relationship between business and government.
One thing we can count on is that companies and organizations will need to buff up their security measures and this could mean new jobs across the nation. Forensics has always been a popular field, especially since many TV shows have glamorized it, and part of forensics is cyber crime, and systems security. Individuals in this field can help secure networks of businesses and organizations of any size, and some maybe can even help track down hackers, and even terrorists. More of these training programs are popping up around the nation, and even in the Centralina region. Many of our community colleges offer a degree in this field.
We could see more educational systems offering this training if the demand from the employers is high enough and if we don’t have the workforce already in place. According to the Economic Modeling Specialists, Inc., we are already projecting a rise in the number of Information Security Analysts in the state, 17.5 percent by 2022.
More data taken directly from the national Integrated Post-Education Data System database published by the U.S. Department of Education's National Center for Education Statistics shows us that we are not meeting the demand for the field of Information Security Analysts. Regional completions for 2012 in this field are 1,311 for Information Security Analysts, with 6,317 regional openings in the state.
Let’s break down these numbers even more. Within the Information Security Analysts you have three fields, Information Technology, Computer and Information Systems Security/Information Assurance and Cyber/Computer Forensics and Counterterroism. We will look at these three areas of focus, which match more of what local businesses and organizations might be looking for in response to the attack.
In all three of these areas we are not matching the demand for regional openings in 2012. In 2012 there were 1,113 completions in Information Technology with 2,585 regional openings. For Computer and Information Systems Security/Information Assurance there were 173 completions and 2,274 openings. And for Cyber/Computer Forensics and Counterterrorism we had 25 regional completions in 2012 and 1,458 openings. All three of these areas are expected to grow from between 12% - 23% in the coming years. If all fields are projecting an increase in growth already then we have a few things to consider and plan for if we see an increase in demand for these positions.
If the numbers hold true for the future, then we have just found an area of focus for our region. The next steps could include working with Community Colleges to help them in creating a short term training for this specific field. Short term training such as this can offer career changers a fast in demand training, that may have a quick turnaround time for employment. A short term training in this area can also help those with expertise in other areas of Information Security Analysts or Information Technology buff up their resume.
These numbers show us as well that as the workforce boards continue to see a demand for this field in the region that partners and other educational institutions need to be included in a regional plan. It seems that as technology grows more advanced, more of our youth seem to be born with the natural ability to handle it. This will need to be tapped into, and perhaps reach out to the schools to make it a more obvious, possible, within reach career choice. As this could vary region to region, it might have to be a grass roots enterprise that takes it on. Either way, educating our future workforce of the jobs in demand is always something needed.
Now is the time to start to thinking about taking action towards the shortage in this industry. Depending upon how businesses and organizations react to this cyber attack, we could possibly see even more of an increase in the demand of jobs in that specific field. It is already documented that we have a shortage in the region and in the state. Good communication between employers, workforce boards and community colleges could help prepare for that gap if we plan ahead. This too is just one more thing that will have to be watched and followed to determine the outcome.
While the overall effects of this for businesses and organizations have yet to be seen, we can safely say that this attack did not just influence how Target does business in the future, it will affect how everyone does business in the future. What do you see happening as companies and organizations move forward? Will your business or organization be making changes after this attack? Do you think this issue will carry weight or will it take a larger attack, perhaps one that hits closer to home, before we see any changes made? Let us know in the comments!
- This Tin Foil Hat Edition is written by Emily Clamp, Communications Specialist for the Centralina Workforce Development Board