What are the biggest issues in cyber security in 2016? originally appeared on Quora - the knowledge sharing network where compelling questions are answered by people with unique insights.
Answer by Steve Herrod, Managing Director at General Catalyst, Former CTO of VMWare, on Quora.
What are the biggest issues in cyber security in 2016? You think we have cyber security issues? No way! Just kidding. This is definitely one of the most popular questions that I get these days. Obviously cyber attacks are becoming both more brazen and more common. All of us see them in the news almost daily - another company apologizing to their customers for lost "private" information, governments (and, err, political candidates) having email show up on wikileaks, or most recently, the Dyn DDOS attack that disabled access to many, many sites (Github! Netflix!). So there are plenty of issues to go around. I'd prioritize them as the following though:
Better end-user education
It's kind of stating the obvious, but most systems are only as secure as the habits of the people using them. Bad actors exploit this to the fullest by taking advantage of weak passwords and unpatched software and using sophisticated phishing techniques. Companies really need to get rigorous in security training for employees at every level.
Security-aware software development
You can make it all the way through a four year degree in CS and not once have to think about creating secure code. That needs to change. Thanks to the stellar work of organizations such as Code.org, computer science is now taught in roughly 25 percent of U.S. public schools. From the very start, whether it's in junior high or college, curricula should include specialized security courses.
Shortage of cybersecurity professionals
There just aren't enough people focused on security. The core challenge isn't a lack of raw talent. We've got nearly six million software-related professionals in the U.S. according to the Bureau of Labor Statistics. But fewer than 89 thousand, or just 1.5%, are cybersecurity specialists. That's translated into more than 270,000 unfilled security-related IT jobs in the U.S. alone. And that shortage is part of the reason that security-related professionals are among some of the highest paid in the development field.
This skills gap has not gone unnoticed by the current administration. President Obama's 2017 budget calls for a 35 percent increase in spending on cybersecurity, bringing it to $19 billion. A substantive portion of this budget goes toward the recruiting and training of cybersecurity professionals including offering scholarships to students who focus on security-related studies and go on to work for the Federal government out of college.
In short, there's a lot of opportunity here in the field of cybersecurity. The bet is that higher awareness, loan forgiveness, and pretty attractive salaries will begin to close the gap.
This question originally appeared on Quora. - the knowledge sharing network where compelling questions are answered by people with unique insights. You can follow Quora on Twitter, Facebook, and Google+.