Dearth of technical experts leaves US open to cyber attack, panel says
WASHINGTON - - The United States isn't producing enough engineers and technicians to combat the growing threat to government and business computer networks, a panel of security experts said yesterday.
Limitations on visas for foreign students and the attraction of careers in finance and law have contributed to the dearth in computer-security authorities, the analysts told the Senate Commerce, Science and Transportation Committee.
"We are not portraying an image that this is an exciting career path," said Eugene Spafford, executive director of the Purdue University Center for Education and Research in Information Assurance and Security.
US government and private computer networks were breached 37,000 times during fiscal 2007, compared with 24,000 break-ins the previous year, according to a report by the Center for Strategic and International Studies, a Washington policy group. Attacks on federal computer systems more than doubled to 12,986 in 2007 from 5,143, it said.
Of the 50 to 60 computer-security doctorates the United States produces annually, only 15 to 20 ultimately teach in this country, in part because of visa limitations on foreign students, Spafford said.
Terrorists, criminals, and foreign-government agents are gaining trade and national security secrets daily, lawmakers and the computer authorities said.
"Our enemies are real, they are sophisticated, they are determined, and they will not rest," said Senator Jay Rockefeller, the West Virginia Democrat who heads the panel.
In particular, there are few people who are knowledgeable about computer vulnerabilities in water and power plants, said Joseph Weiss, managing partner of Applied Control Solutions LLC, in California.
"There are less than 100 people who truly know and understand control systems cyber security," he said.
Rockefeller said he and Senator Olympia Snowe, a Maine Republican, will introduce legislation by the end of this month that would create scholarships to encourage more students to major in computer security.