NIST awards three-year grant for cybersecurity jobs ‘heat map’

IT trade group CompTIA will receive $249,000 in the first year year of the project to help illustrate cybersecurity job vacancies. The map is expected to come out in late 2016.

The National Institute of Standards and Technology announced Tuesday it awarded a three-year grant to the IT trade group CompTIA to create a “heat map” of cybersecurity jobs.

Under the grant, CompTIA will work with job market analytics and research firm Burning Glass Technologies to conduct research and develop a way to illustrate the supply and demand of cybersecurity workers across the country. CompTIA will receive $249,000 in the first year for the effort through NIST’s National Initiative for Cybersecurity Education. Subsequent funding is based on the availability of appropriated funds but is expected to be $469,000, according to a NIST spokeswoman.

The map, expected to come out by the end of 2016, will be updated every 90 days and will show postings linked to cybersecurity job categories laid out in the National Cybersecurity Workforce Framework, according to a release.

Overall, the cybersecurity sector has struggled to fill open jobs. Last year in the U.S., Burning Glass found there were nearly 50,000 jobs posted requiring a CISSP security certification, “the primary credential in cybersecurity work.” However only 65,000 people hold that credential — and most were already employed. Rodney Peterson, the lead of NIST’s National Institute for Cybersecurity Education, told FedScoop that the map would help demonstrate where gaps lie.


“The data exists, but we want to visualize it on a map, so if you are in Michigan and you apply [to a job in another region] you want to see what is the demand but more importantly what is the supply — you can start to drill down the data geographically,” Peterson said.

Peterson made the remarks Tuesday following a Christian Science Monitor event in Washington, D.C., that focused on strategies for building a larger and more diverse cyber workforce. Several panelists talked about the importance of defining career tracks, standardizing training programs that can serve as pathways to jobs, and reaching out to kids early on to cultivate an interest in a cyber career.

Panelists also talked about the importance of recruiting racial and ethic minorities as well as women to the field.

Michael Kaiser, executive director of the National Cybersecurity Alliance and a moderator at the event, highlighted a report his group released Monday with defense contractor Raytheon that found young women’s interest in the cybersecurity field has plummeted in the past year. The report also found that 33 percent of young women said they did not feel qualified to work in cybersecurity “which we know probably isn’t true — it’s probably more attitudinal in a way,” he said. By comparison, 24 percent of men said they weren’t qualified for such jobs.

Young people need to be able to see themselves in these careers and understand the career trajectory, said Cecily Joseph, vice president of corporate responsibility and chief diversity officer for Symantec Corp. To get underrepresented groups interested in working in cybersecurity, it’s essential to introduce potential workers to people “that look like them” and have been successful in the field, she said.


“I think getting to meet those people, as well as industry representatives, is really important,” she said.

Role models are important, Nadya Bliss, director of Arizona State University’s Global Security Initiative, agreed. She also said cybersecurity community may need to change how it thinks about its workforce.

“Don’t be shocked” if you encounter a women in a technology role, she said. “When people are shocked, it immediately brings up questions in your mind [like], ‘Should I not be here?’”

Latest Podcasts