Federal Government Cyber Security Spending Expected to Reach $13.3 Billion by 2015. Faced With Significant Shortage of Qualified IT Security Talent
Driven by a 445 percent increase in cyber security incidents since 2006, a shortage of qualified cyber security experts, and an increasingly complex and interconnected technology environment, a recent research report from INPUT forecasts federal investment in information security will increase to $13.3 billion by 2015 at a compound annual growth rate of 9.1 percent, nearly twice the rate of overall federal IT spending.
IT Security represents approximately 15% of federal agency IT budgets and has produced the largest staffing increases of all IT positions in the last 1-2 years, according to the Federal Information Security Market, 2010-2015 report which details the trends, drivers, and policies shaping the cyber security market.
"There is a general consensus that the government has a lot of work to do to address weaknesses in its cyber security," said John Slye, INPUT principal analyst. "Over the last year, federal agencies have seen a 78 percent growth in cyber incidents. This demand for increased information security is greater than any other current technology, leaving it more immune to the recent federal budget cuts."
The demand for IT security talent is in high demand between government agencies and private companies and has created a shortage of resources among the federal agencies to keep up with the demand. Recently, the U.S. Cyber Command, which was scheduled to be “fully operational” by October 1st, missed that deadline, primarily due to the challenge of finding qualified personnel, of which it will needed 1,000 skilled employees. Cyber Command did achieve its “Full Operational Capability” on November 3rd.
"While agencies continue to make incremental progress toward secure infrastructures; a lack of leadership, ambiguous roles, technical challenges, and workforce shortages inhibit the federal government from developing and implementing a cohesive, well-formed national cyber security strategy," said Angie Petty, INPUT principal analyst. "This creates a large opportunity for vendors to bring their combined agency knowledge and operational security expertise to the market."
INPUT’s analysts say that not only does the U.S. lack adequate cyber security talent, but it is faced with an inadequate pipeline of potential new talent and that agencies are often competing for such talent.
Why is the Federal Government having such a hard time hiring cyber security professionals?
• Scholarship for Service (SFS) and DOD Information Assurance Scholarship Program (IASP) are not producing enough entry-level workers
• Some cybersecurity experts claim that current professional certification programs focus heavily on documenting compliance rather than actually reducing risk
• Fragmented governance and uncoordinated leadership hinders the ability to meet federal cybersecurity workforce needs
• Complicated processes and rules hamper recruiting and retention efforts
• Disconnect between front-line hiring managers and human resources specialists
This talent shortage, the report says, will drive demand for contract support to fill the gap with personnel and/or solutions that automate cyber security. On the positive side, such challenges often spur innovation may encourage more government openness to innovation that will allow them to accomplish more with less manpower.
The report identifies trends and drivers impacting the IT Security market's growth including:
• Increasing cyber incidents and threats from progressively sophisticated attackers;
• Sweeping legislative remedies that aim to patch holes in federal approaches;
• Implementation of the U.S. Cyber Coordinator and DOD Cyber Command; and
• Cyber workforce shortages inhibiting progress and driving the need for technology.
Federal agencies' demand for information security services and technologies continues to present diverse opportunities for vendors who are agile and present creative, cost effective solutions especially in the areas of situational awareness, security automation, and information security training.
The report includes information security market sizing for the Civilian, Defense, and Intelligence communities with a look at the major information security initiatives across the federal government. Given the high visibility and numerous stress points of information security, INPUT’s analysts predict the market will continue to grow over the next five years.
More information on the $3,900, 104-page Federal Information Security Market, 2010-2015 report is available here.