National security is now the number one security concern for Americans, according to the recently-released global 2017 Unisys Security Index, replacing financial security as the top fear from the 2014 survey. Americans’ concerns about internet security, specifically viruses and hacking, rose most dramatically over the last three years, coming in as the number two security concern in this year’s index.

In a world more interconnected by technology than ever, the cyber threat landscape has never been more daunting. Alarmingly, one in three website visitors last year were attack bots and over 94 percent of 100,000 websites analyzed over a 90-day survey period experienced at least one bot attack, according to Imperva’s Bot Traffic Report 2016. Companies and agencies at the frontline of protecting the country and consumers from cyber-attack face countless challenges beyond the cybersecurity threats themselves.

2017 Cybersecurity Infographic v102317

NVTC 2017 Cybersecurity SitRep

NVTC’s newest infographic provides an updated look into NVTC members’ cybersecurity hiring and resource allocation trends while reiterating the key takeaway of last year’s cyber infographic: The human element exposes us to the greatest cyber risk, from cyber talent to employee training to insider threats.

Acquiring top cyber talent remains a priority to NVTC members, with 50 percent reporting they will hire cyber professionals over the next 12 months, a five percent decrease from last year. Employee training is the single greatest focus for our members with 50 percent reporting it as their greatest cyber resource allocation, while 42 percent are targeting a technical solution first. The human element – both human error and insider threats – was acknowledged as the greatest cyber threat facing the country today.

Cybersecurity Talent Gap Continues to Widen in 2017

Organizations are experiencing tremendous difficulties filling cybersecurity positions and retaining skilled talent in these positions. By 2022, it is predicted there will be a shortfall of 1.8 million cybersecurity professionals in the U.S. In Greater Washington alone, there are over 44,000 open cybersecurity positions.

The 50 percent of NVTC members reporting cyber hiring needs are in stiff competition to attract the cyber talent with the experience, skills and certifications they require to be competitive in today’s marketplace. Local tech employers are looking for creative ways to engage new talent pools to fill their cyber workforces, using models such as NVTC’s own Tech Talent Employer Collective, which uses the U.S. Chamber of Commerce Foundation’s Talent Pipeline Management methodology to put employers into the driver’s seat, setting the workforce development requirements around shared employer needs.

Cybersecurity Venture Funding In the Region Remains Steady

While it is unlikely we will again see cyber ventures play such an outsized role in venture funding such as in 2015 when 46 percent of all funding went to cybersecurity services and products, a steady stream of cyber venture funding continues in Greater Washington, with $210 million collected in calendar year 2016 and $173.2 million from Q4 2016 through Q3 2017.

This support network, including incubators and innovators from MACH37 to In-Q-Tel to CYBERCOM at Ft. Meade, enables a community with innovation capacity and the agility to rapidly evolve to meet the ever-growing cyber threat.

Evolving Cyber Threat Vectors

Internet crimes reported to the FBI’s Internet Crime Complaint Center (IC3) in 2016 represented more than $1.3 billion in losses. Those nearly 300,000 reported crimes are only estimated to be 15 percent of all internet crimes that took place. This year’s numbers so far show that things continue to rise – distributed denial of service (DDoS) attacks alone showed a 380 percent increase in Q1 2017 over Q1 2016.

Even with the rise of more sophisticated bot attacks and ransomware, 63 percent of NVTC members rank the human element as the cyber threat requiring their greatest focus. A recent study on email threats estimates that one in four emails appearing to come from a dot-gov domain is a phishing attempt and three out of four organizations reported being the victim of a phishing attack in 2016.

The threat landscape seems even more ominous when you add in the increasing sophistication of the methods used in spear phishing, a more targeted attack that often spoofs more realistic identities known to the victim; the days of being asked to help move royal gold reserves out of Africa are being replaced by seemingly innocuous requests from “Randy in accounting” to take a look at an attached spreadsheet. Despite this increasing threat, progress is being made through awareness and training programs teaching how to stay secure and safe in the current environment, an approach being adopted by all industry sectors, not just IT.

Community Threats Need a Community Response

We are lucky to reside in the nation’s cyber capital, where the resources and environment support cyber innovation and where the nation’s most qualified cyber workforce lives and works. Perhaps Greater Washington’s biggest advantage in cybersecurity is the collaboration happening in the region. Each day stakeholders from the private, public, incubator and academic communities come together to work on the biggest cyber threats.

To deepen cyber collaboration in the region, NVTC will be hosting the second annual Capital Cybersecurity Summit on November 14-15, 2017 at The Ritz-Carlton, Tysons Corner. At the Summit, the nation’s cyber leaders will share their unique insights and best practices into topics such as attracting top cyber talent, cloud security, cyber risk management, strengthening cybersecurity through public-private partnerships and more. Attendees will have unmatched networking opportunities to discuss their latest innovations and the cyber challenges they face. Get the latest Summit agenda here.

View NVTC’s 2017 cybersecurity infographic at www.NVTC.org/2017CybersecurityInfographic

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Virginia: A Global Technology Center

August 17th, 2017 | Posted by Alexa Magdalenski in Infographic | Research - (Comments Off)

NVTC recently published the third infographic in its research series. The latest infographic highlights Virginia’s position as a global technology center and a top state for business. Continue reading for some of the key findings in the infographic.

VA Tech Rankings Infographic 0717

Click infographic to enlarge

Virginia’s tech job opportunities are unmatched

  • Virginia ranks #1 in total employed and geographic concentration of cybersecurity workers.

Virginia’s cybersecurity workforce location quotient – a Bureau of Labor Statistics data-driven ratio highlighting a geographic area’s distribution within a given industry – is first in the nation at 4.47, far exceeding the 1.0 that is our national average. Or to put it another way, there are more cybersecurity workers per employed capita than anywhere else in the country.

  • Virginia ranks #1 in cybersecurity job openings.

Virginia ranked first again in the number of cybersecurity openings posted. Cyberseek heatmap openings totaled 35,837 for the period running April 2016 through March 2017.

  • Virginia has the second largest percentage of private tech sector employees.

In the 2016 CompTIA Cyberstates report, Virginia ranked second in terms of percentage of private sector workers employed by tech firms at 9.5 percent. The report also noted:

  • Virginia had the fourth highest number of all technology job postings;
  • Virginia had the fifth highest tech payroll compared to the national average wage differential at $31 billion; and
  • Virginia ranked sixth in the total number of tech workers (284,681), average wage ($109,038), total number of tech establishments (19,568) and tech as a percentage of state product (8.8 percent).

Startup growth is strong in Virginia

  • The Kauffman Index of Growth Entrepreneurship ranks Virginia #1 for startup growth.

The Kauffman Index of Growth Entrepreneurship uses three components of small business activity to provide an early indicator of small business growth, including the rate of businesses owners in the economy, the five-year survival rate of businesses and the established small business density.

Virginia is pro-business

  • Virginia ranks #4 in the 2015 top 10 pro business rankings

The Pollina Corporate Top 10 Pro-Business States report details how well each state has positioned itself to retain and create jobs. Virginia is the only state that has been in the top five every year since the inception of the rankings.

Want to learn more about NVTC’s latest research initiatives? Email Research and Strategic Initiatives Manager John Shaw.

View NVTC’s cybersecurity and data analytics infographics.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

Cyber Capital Screenshot 3The Greater Washington region, including Washington, D.C., Virginia and Maryland, is the nation’s cybersecurity capital, with a unique set of cybersecurity assets and opportunities that no other region in the world can match. To highlight and position the region’s stance as a cybersecurity leader, Northern Virginia Technology Council (NVTC) has partnered with Monster Government Solutions to create the www.CyberCapital.us microsite which reflects the region’s unmatched cybersecurity capabilities in talent, funding and regional resources.

Workforce                 

Greater Washington has the highest geographical density of cybersecurity workers in the country, with 84,000 currently employed cybersecurity workers across the region. Despite that, we still have over 46,000 cybersecurity openings left to fill. This further supports the NVTC member survey responses indicating that over half experience difficulty staffing cybersecurity openings.

CyberCapital Web Graphic v062317Funding

In 2016, companies with cybersecurity offerings raised $216 million in venture capital funding across Greater Washington. The region has a thriving cybersecurity incubator and investor community highlighted by organizations like In-Q-Tel, MACH37 and Carlyle Group.

Resources

In addition to being the seat of federal government and the source of national cybersecurity policymaking, our region has unparalleled cybersecurity resources including the U.S. Cyber Command in Ft. Meade, DARPA and strong research infrastructure through top universities in all three jurisdictions.

Regional Branding

Our hope is that this site will help build awareness of Greater Washington as the nation’s leading cybersecurity hub, with an experienced, educated workforce and opportunities for both cybersecurity practitioners and businesses looking to tap into our deep pool of talent and resources.

NVTC is working on behalf of the Greater Washington technology community to accelerate and promote cybersecurity growth. In November 2016, we hosted our inaugural Capital Cybersecurity Summit and will be hosting the second annual Capital Cyber Summit on November 14 and 15, 2017.

We’ve also launched a Tech Talent Initiative to address the workforce challenges of NVTC members and the Greater Washington technology community in crucial areas like cybersecurity, data analytics and software development.

NVTC is delighted to be partnering with Monster Government Solutions on this new resource to promote Greater Washington’s dynamic cybersecurity ecosystem. Visit www.cybercapital.us for the latest cybersecurity statistics, as well as links to regional resources and cybersecurity job openings.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC has published the second infographic in its new research series. In this data analytics-focused piece, we’ll take a look at the data behind the compelling numbers in the infographic.

NVTC Data Infographic 2017

Big Data and Analytics Drive Growth

By 2020, the amount of digital data produced will exceed 40 zettabytes, which is roughly equivalent to 6,080 years of HD video, a period longer than recorded history. More data has been created in the last two years than in the entire previous history of the human race. The total amount of data captured and stored by industry doubles every 14.4 months.

Over 3.5 billion Google searches are made daily and 205 billion emails are sent each day. Facebook has over 30 petabytes of user-generated data and Twitter sees over 230 million tweets daily; for scale, one petabyte is roughly equivalent to 13.3 years of HD video. Gartner projects that connected devices making up the Internet of Things (IoT) will grow by two billion to over 8.4 billion IoT devices in use this year, representing one billion more devices than people on the planet.

However, less than 0.5 percent of data created is analyzed or used.

Funding & Revenue

Venture capital funding for Greater Washington companies offering analytics products and services totaled over $93 million in 2016; the largest single funding round was $12 million for ThreatQuotient, announced in August.

According to Gartner, consumers and businesses spent nearly $14 billion on devices, which is expected to grow to $17 billion in 2017 while IoT services are expected to reach $273 billion.

IDC projects double-digit growth – a CAGR of 11.7 percent – in the big data and analytics market through 2020, growing from $130.1 billion in 2016 to $203 billion in 2020. IDC also projects that the IoT market will reach $1.46 trillion with global IoT revenue of $7.06 billion by 2020, with retail and manufacturing as the two leading IoT industry verticals.

Workforce

Analytics talent continues to be in high demand with no signs of slowing in the immediate future. Glassdoor named data scientist as 2016’s hottest job across all business sectors, not just IT. Data engineer was ranked third and analytics manager ranked fifth on this same list. One-third of surveyed NVTC members indicate they are currently hiring data analysts.

Conclusion

Big data and analytics is undeniably a growth industry by every possible measure and no region is better equipped to meet the demands emerging from the new data ecosystem than Greater Washington. With its leading data analytics firms, highly-skilled workforce, expertise serving federal, state and local government customers, and many outstanding academic institutions, Greater Washington’s big data assets are unmatched.

Click here to learn more about NVTC’s research initiatives or email NVTC Research and Strategic Initiatives Manager John Shaw.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC Launches Infographic Series

August 2nd, 2016 | Posted by John Shaw in Research | Tech Talent Initiative - (Comments Off)

Did you know corporate ransomware cost companies $24 million in lost profits in 2015? Or that 55% of technology sector openings in Virginia are in cybersecurity?

These powerful cybersecurity statistics are just some of the data highlighted in NVTC’s newly published series of infographics, white papers and reports addressing important and trending industry topics. The first infographic in this series focuses on cybersecurity and highlights workforce issues, cybersecurity incidents and funding in our region. Access the cybersecurity infographic at this link:
http://www.nvtc.org/documents/resources/NVTC_Cybersecurity_Infographic_July_2016.jpg

In addition to infographics, future published items will include white papers and reports. Research topics under consideration include:

  • Skill gaps and pain points in the IT workforce
  • Regional economic snapshots, including an analysis of the impact of data centers on Virginia’s economy
  • Big Data and analytics
  • Cloud computing
  • Health technology
  • Human capital development
  • Innovation
  • Agile development and DevOps
  • Business development best practices
  • Networks and telecommunications
  • Governance
  • Mobility
  • Privacy and security
  • IT modernization
  • Open data
  • Leveraging the millennial workforce
  • Financial management systems
  • Acquisition and procurement
  • Emerging technology

Our first in-depth research project involves identifying and quantifying the skill set needs of the region’s technology employers, comparing those needs to the current workforce, and proposing changes that should be made to address any gaps. It will include a detailed analysis of talent pipeline issues, recommend training and certifications needed to upskill the workforce to help close the gap, provide needs assessment results to educators and training institutions and recommend actions to improve the regional workforce pipeline moving forward. The first part of this project is scheduled to be published in late October 2016.

Sponsorships for the infographic series, in-depth research projects and other NVTC research activities are now available. Please contact Yolanda Lee at YLee@nvtc.org for more information.

Is our list missing any issue areas you’ve been experiencing ? We want to hear your ideas – please contact me at JShaw@nvtc.org to discuss potential projects and areas of research.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

NVTC has published the first infographic in its new research series. In this cybersecurity-focused piece, we’ll take a look at the data behind the compelling numbers in the infographic.

NVTC July 2016 Cybersecurity Infographic

NVTC July 2016 Cybersecurity Infographic

The Cybersecurity Workforce Capacity Gap

Federal CIO Tony Scott estimates there are currently 10,000 unfilled cybersecurity positions in the federal government alone. Fifty-five percent of NVTC members responding to a recent survey indicated they are attempting to hire cybersecurity specialists this year. This capacity gap also exists in the commercial sector as well. At a fireside chat on May 26, 2016, Virginia Governor Terry McAuliffe indicated that of the 31,000 Virginia IT openings, 17,000 are in the cybersecurity sector. While Greater Washington is likely the cybersecurity workforce capital of the world, we still face a critical shortage of qualified professionals.

The Department of Defense is attempting to upskill 6,200 cyber professionals from active military and 2,000 from the National Guard and reserve units by 2018 and offered up to $50,000 in retention signing bonuses to current military cybersecurity professionals. Further, OPM authorized the U.S. Cyber Command in 2015 to hire up to 3,000 civilian cybersecurity professionals at the highest federal pay grade outside of senior management positions.

Cybersecurity Incidents and Threat Vector Area Increasing

When we take a look at cybersecurity incidents, we find that simple employee mistakes make up a large percentage of our current risk. The March 18, 2016 Federal Information Security Modernization Act (FISMA) report to Congress cited 77,183 information security incidents over the course of Fiscal Year 2015, which represents a 10 percent increase from FY 2014. Of those incidents, 13 percent were lost, stolen or confiscated equipment; 15 percent were driven by government employee error such as internal policy violations and improper usage; 16 percent were not related to IT, such as the loss of paper records. Strikingly, only 56 percent of all incidents represented an external cybersecurity threat.

Fifty-three percent of IT decision-makers in a SolarWinds and Market Connections survey reported that unwitting insider threats – human error – is the most serious cybersecurity threat. OPM Security Operations Manager Jeff Wagner said “I will have a job until the end of time simply because I have users” at a February 2016 cybersecurity conference in Washington, D.C.

The threat vector area continues to increase as well. In a Crowd Research Partners online survey of 882 IT professionals from across the world, 20 percent suffered a security breach associated with a mobile device, 24 percent indicated that an organizational mobile device connected to a malicious server while roaming and an alarming 39 percent of those devices downloaded malware.

According to Craig Williams of Cisco’s Talos Research, an internet scan by Talos revealed approximately 2.1 million systems vulnerable to the JBoss exploit used in common ransomware attacks. And other JMX-based exploits that have been known for more than a year are waiting in the wings to strike systems based on JBoss as well as related systems such as WebLogic, WebSphere, the open source Jenkins automation server and the OpenNMS network management platform. These are cases where simply updating those systems would patch the vulnerability.

Cost of Data Breaches and Intrusions Rising

The Ponemon Institute’s 2015 Cost of Breach Study: United States indicates the average cost of a data breach rose 11 percent year-over-year, to $6.53 million, with an average cost of $217.00 for each lost or stolen record.

In an official statement on the March 2016 MedStar Health hack, an FBI official disclosed that the reported loss from ransomware attacks in 2015 was $24 million. In its 2014 annual report, the FBI’s Internet Crime Complaint Center (IC3) indicated there were 269,422 complaints filed with reported losses totaling over $800 million. IC3 reports 7,694 ransomware complaints with $57.6 million in losses since 2005.

Cybersecurity Spending and Venture Capital Funding on the Rise

The U.S. government spends more than twice as much annually on cybersecurity than the combined public and private sectors of any other nation. The administration’s 2016 budget allocated $14 billion in cybersecurity spending while the 2017 budget submission calls for over $19 billion.

The 2015-2020 federal cybersecurity market is valued at $65.5 billion. Vendor-provided cybersecurity products and services are estimated to grow from $8.6 billion in FY 2015 to $11 billion in 2020 at a compound annual growth rate of 5.2 percent.

2015 venture capital funding in the Greater Washington region reached $647.85 million for organizations with cybersecurity products or services, representing 45.78 percent of the $1.415 billion in total 2015 venture funding in Greater Washington.

Conclusion

While cybersecurity threats and breaches can be devastating, they are also galvanizing for the technology community. Now, more than ever, there is an opportunity for NVTC members to come together and deepen their commitment and influence in driving innovation and workforce development in cybersecurity. NVTC is here to provide its members with the latest cybersecurity developments through research, communications publications, webinars, conferences and advocacy efforts. Stay tuned for NVTC’s upcoming cutting-edge research series that will feature infographics, white papers and reports.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS