In reading a recent article published at PRWire I am reminded of an article I read in 2002 that demonstrated how the dot com bust would have significant implications in about 4-8 years.
The premise was that with no Americans actively seeking college education in information systems, there would be a significant gap in our indigionous talent pool.
While these exercises demonstrated in the above article are great, it is important to note that the NSA and DHS have a jointly funded what is essentially an R.O.T.C. program.
The problem exists where the graduates are pretty much all farmed out to DoD and in limited instanced DHS. So what about CIP in the private sector? Not just power plants but also state government and first responder communication infrastructures?
These organizations still go insufficiently protected by technology and even if they have the right tech, who do they have to adequately handle the operational and managerial aspects of security?
A question I have for the group is this: "IF" a scenario existed whereby you (A CIP) were a US Citizen, cleared, certified, and possess solid credentials and can be hired for $50-65K a year, would that be worth it for the same CIP organization to subsudize a government kitty-pot for say $15K a year?
Think about what you get on the backend and for what investment. I am eager to learn more from the audience the thought on such a premise.
Carter Schoenberg, CISSP