The U.S. is facing a critical shortage of cybersecurity professionals, a challenge that is not only growing but also poses a significant threat to national security. CyberSeek, a joint initiative of NIST’s NICE program, CompTIA, and Lightcast, reports in its dashboard over 469,930 job openings in cybersecurity. (CyberSeek, 2024) Despite the escalating cyber threats, the talent pool to combat these threats remains insufficient, and this shortage is a crisis that will only deepen over time, potentially compromising the defense of the United States.
The Growing Cybersecurity Skills Gap
The cybersecurity landscape is more complex and dangerous than ever before. Cyberattacks are becoming more sophisticated, and the number of incidents is rising rapidly. For instance, as part of its 17th-annual Data Breach Investigations Report (DBIR), Verizon analyzed a record-high 30,458 security incidents and 10,626 confirmed breaches in 2023—a two-fold increase over 2022 (Verizon, 2024). The report also emphasized that the vast majority of these breaches could have been prevented if organizations had the right vulnerability management measures in place – measures that hinge on having skilled professionals at the helm. This sure was mainly fueled by the growing frequency of attacks by ransomware actors, targeting vulnerabilities in unpatched systems and devices, including zero-day vulnerabilities.
The Vision for the U.S. in Cybersecurity
Looking ahead, the U.S. must ask itself: what role does it want to play in global cybersecurity 30 years from now? Will it continue to be the world’s cybersecurity leader, or will it cede that position to countries like Israel, China, or India? The answer is clear—if the U.S. does not invest in its cybersecurity workforce now, it risks losing its leadership position in the coming decades. We’ve seen this play out in other industries, such as electric vehicles, where the U.S. is struggling to catch up to Chinese automakers. To avoid a similar fate in cybersecurity, the U.S. must take bold steps to address the skills gap. One of the most effective ways to do this is through immigration.
Immigration: A Solution to the Cybersecurity Shortage
Immigration can help solve the cybersecurity skills shortage in several ways. First, by bringing in specialists from across the globe, the U.S. can fill critical positions with cybersecurity experts who can make an immediate impact. Second, these professionals not only fill the gaps in the short term but also contribute to long-term solutions by training and mentoring the next generation of cybersecurity leaders.
For example, Israel has become a global cybersecurity powerhouse, in part due to its strong emphasis on cultivating talent through its military and education systems. This talent pool has given rise to numerous cybersecurity startups, such as Wiz, which recently made headlines with its astronomical valuation. The U.S. can learn from this model by creating centers of excellence in cities like tech hubs such as San Francisco, Boston where there is already a number of cybersecurity enterprises. These hubs can serve as breeding grounds for innovation, where top talent from around the world comes together to develop the next generation of cybersecurity technologies.
The U.S. Has Done This Before
The United States has a history of leveraging immigration to address critical national security challenges, most notably during the development of the atomic bomb in World War II. The Manhattan Project, which led to the creation of the nuclear bomb, was a monumental achievement made possible largely by the contributions of immigrant scientists. These scientists, including Hungarian-born physicist Leo Szilard, German-born Albert Einstein, Danish physicist Niels Bohr, Hungarian-born Edward Teller, and Italian-born Enrico Fermi, played a pivotal role in shaping the project. Their work, alongside that of American scientists, demonstrated the incredible impact that immigrant talent can have on national security.
Building the Future of Cybersecurity Leadership
In July 2023, the Biden-Harris Administration launched the National Cyber Workforce and Education Strategy (NCWES), a comprehensive plan focused on addressing the immediate and long-term demands of the cyber workforce. Although immigration was highlighted as a crucial element in the policy to mitigate the cybersecurity talent shortage, meaningful immigration reform by Congress is essential for the successful implementation of this strategy.
By bringing in top talent from around the world, the U.S. not only fills immediate gaps but also lays the foundation for a more robust and innovative cybersecurity ecosystem. These experts can help train the next generation of American cybersecurity professionals, ensuring that the U.S. remains at the forefront of global cybersecurity for decades to come. Moreover, attracting the best and brightest minds in cybersecurity to the U.S. would signal to the world that America is still the place where dreams are made, where innovation happens, and where the freedom to create and lead is not just encouraged but celebrated. This is how the U.S. can maintain its position as a global leader in cybersecurity and protect its national security in an increasingly digital world.
Conclusion
The cybersecurity skills shortage is a national security issue that cannot be ignored. To address this challenge, the U.S. must invest in its workforce by embracing a new wave of highly skilled immigration. By doing so, the U.S. can secure its future as the world’s cybersecurity leader, much like it has done in other critical industries throughout history. The time to act is now—before it’s too late.
By Debrup Ghosh, cybersecurity expert.
The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy or position of their employer.