The Office of the National Cyber Director (ONCD) recently hosted a 3-hour discussion on creating a strong cybersecurity workforce; the results are enlightening. The session involved representatives from more than 30 public and private organizations spanning 12 industries.

The ONCD advises the United States President on cybersecurity policy and strategy. Its mission is to advance national security, economic prosperity and technological innovation through cybersecurity policy leadership.

“In our increasingly digital world, where cyber threats are growing more frequent and more sophisticated, we need great cyber talent in every sector of our economy, and we need them in every community across our nation,” said National Cyber Director Harry Coker, Jr. while leading the discussion.

Here are five key takeaways from that event.

1. Cybersecurity isn’t just for tech sectors

As Coker noted in his opening statement, cyber talent is needed by all sectors and communities. It’s no longer contained within the tech community or even within tech-forward companies like finance and retail. Every organization, from large global players to the small business community, faces threats. That means they all need a strategy for cybersecurity threat detection and response.

2. Skills-based hiring opens the field, draws in the underrepresented

Speakers at this assembly noted that there are a half million unfilled cybersecurity roles right now. “We need to adapt faster; we need to open our doors wider,” said Loren DeJonge Schulman, Associate Director of Performance and Personnel Management for the Office of Management and Budget. Traditional hiring focuses on education and experience. Skills-based hiring may remove four-year degree requirements, focusing on competencies instead. For example, an applicant might not have a degree in computer science but may understand how to set up and deploy a cloud platform or use AI and machine learning models.

3. Partnerships yield results

This meeting showed the symbiosis between students who want to learn and opportunities to put that learning into practice. Representatives from Glendale Community College attended the discussion. That college maintains a live security operations center (SOC) where paid interns learn to monitor partnering rural municipalities at no cost. This provides the interns with over 300 hours of competency-based experience as a SOC analyst or engineer while delivering a service to small local governments that may not have the budget or team members to address security concerns internally. As Jiwon Ma, Senior Policy Analyst at the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies, noted that often in smaller organizations, “People just don’t have the time or the capacity to dedicate their jobs to cybersecurity, and these are very likely rural and small utilities.”

4. Focus beyond career entry to sustaining a career long-term

Chris Novak, Senior Director of Cybersecurity Consulting with Verizon, described his experience: “One of the challenges that we historically saw was someone would get to a certain point, and if they could not figure out what the next step in their career looked like, that often would mean an exit.” To address this, Verizon began to map all of their roles and their required skills. Now, he says, “Individuals in pretty much any role can figure out how they map from a role that they’re in now to other roles in the company.”

5. The cybersecurity talent shortage is a national security issue

Kris Lovejoy, Global Practice Leader, Security and Resiliency with Kyndryl, arrived at the core of why a prepared cybersecurity workforce is so essential: “This isn’t just about creating good-paying jobs. We’ve got a national security issue that we have to address. The reason we’re here is because we recognize we have to put more people into the pipeline so that we can secure our infrastructure.”

Read more about the risks of the current cybersecurity talent gap and how to address it within your organization.