President Obama's New Cybersecurity Guidelines Lack A Workforce Plan

[Commentary] There’s at least one thing missing from the National Institute of Standards and Technology’s new presidentially-mandated cybersecurity framework: a plan to bolster the nation’s cybersecurity workforce and address the ongoing shortage of skilled cyber staff.

The framework provides organizations charged with providing the nation’s financial, energy, health care and other critical systems with a structured set of standards and guidelines to help manage cyber risks. But while the framework represents a positive step forward, it’s still deficient in addressing what is often the root cause for lower security incident preparedness -- a shortage of qualified information security professionals, said W. Hord Tipton, executive director of (ISC)2. “A skilled workforce is the foundation of any successful security program,” Tipton said. “I believe the success of the cybersecurity framework will depend on how quickly and effectively the area of workforce shortage is addressed.”