An international shortage of cybersecurity talent is expected to grow over the next few years, according to the Information and Communications Technology Council.

The council's vice-president of talent innovation, Sandra Saric, said there's an expected need for more than 1.5 million people to work in cybersecurity globally by 2020.

Solving the talent shortage was one of the challenges emphasized by government and private industry executives at a cybersecurity forum at the GTEC conference in Ottawa on Tuesday. It's an annual technology event that brings together business and government.

Sandra Saric,

Sandra Saric, vice-president of talent innovation for the Information and Communications Technology Council, says there's a need for computer scientists, analysts, investigators and psychologists as well as communications and marketing professionals. (GTEC)

"Getting more people to take science, technology, engineering and mathematics courses and degree programs, and also training them to be cybersecurity savvy is probably the first challenge," said Scott Jones, assistant deputy minister responsible for the information technology security program with Communications Security Establishment Canada (CSEC).

Starting early

Saric said there's a need for computer scientists, analysts, investigators and psychologists, as well as communications and marketing professionals.

"We connect with the Ottawa police who have a cybercrime unit, they're having difficulty finding people. I've spoken to the RCMP who are also struggling … it's across the board," she said.

Saric said the Information and Communications Technology Council, a Canadian non-profit, is working on developing talented students before they have even graduated high school.

The council has created cybersecurity competitions at high schools across the country to get students to develop these unique skills.

"It's about youth, regardless of what career they enter, cybersecurity is a critical component of their learning and the knowledge they need," said Saric, who presented at the cybersecurity forum 

Health information area of concern

But Jeff Curtis, the chief privacy officer at Sunnybrook Health Science Centre in Toronto, said his hospital needs talent now, not years down the road.

Jeff Curtis

Jeff Curtis, chief privacy officer at Sunnybrook Health Science Centre in Toronto, said health care centres oversee personal information and need cybersecurity talent immediately. (GTEC)

"People need to hear what's going on in the trenches, I'm here to bring that perspective," said Curtis.

He said the hacking of private health information is becoming a bigger concern for hospitals and health-care providers in Canada, noting hospitals hold a lot of valuable personal data and everyone is counting on the health-care centres to keep information safe.

In March the Ottawa Hospital reported a cyberattack after four of the hospital's computers in a network of 9,800 devices faced a hacker attempt.

The hospital said malware locked down the files after someone using the computer clicked a link that activated it, but it said no patient information was compromised.

In a statement at the time, the hospital said it was confident the appropriate safeguards were in place to protect patient information, but it would "continue to look for ways to increase security."

"We're just starting to look for scaled operations and the people to fill those positions," said Curtis about Sunnybrook.

"We have to catch up fast, and it's hard to find folks who not only have the hard skills in security, but also know the [hospital] sector as well."