At a time when cyber security threats are on the rise, the Confederation is finding it increasingly difficult to put in place solid protection due to a lack of human resources. Observers point to the risks of private capture of these sensitive activities. Should we imagine an e-military service?
It’s a little sentence, slipped at the bottom of the page. But she slams, like a gunshot. In audits sent in early January on two IT projects of the army and Fedpol (telecommunications monitoring), the Federal Audit Office pointed to a permanent shortage of qualified and experienced IT specialists. In both cases, the level of risk “exceeds the normal level”. In other words, Switzerland is not armed in the event of an attack.
This talent shortage is a constant feature of employment indices published by temporary employment agencies: IT professionals are even more in demand than last year.
In total, the sector employed nearly 200,000 people at the end of 2017 (+29% since 2010), according to the organisation of information technology professionals. And by 2026, 88,500 more will be needed.
IT security needs are exploding
Needs are increasing at the rapid pace of technological advances – from facial recognition gadgets for smartphones to smart city systems – all driven by the Internet of Things, which makes every connected device an inexhaustible source of data. Recently, PwC’s cyber-risk expert, Yan Borboën, noted that by 2020, 200 billion connected devices will exist on Earth. And that at the same time, each person will generate 1.7 MB of data every second, the weight of the MP3 file of a song.
As a result, over the next five years, the number of data theft and hacking is expected to triple to 33 billion worldwide. The study also notes that the most vulnerable to these attacks are SMEs: they constitute 99% of Swiss companies, making Switzerland a particularly vulnerable country.
In response to this observation, efforts are being made in the field of continuing education: a diploma recognized at the federal level has been training the first experts in this field since this fall. But the arrival on the market of new graduates only covers 36% of future specialist needs. While immigration accounts for 19% of them, according to the ICT-Vocational Training study, which estimates that more than 40,000 talents will remain to be found in the next seven years.
The battle for the market has begun
This same private sector is also getting involved in training (Microsoft, La Poste, Ruag, Swisscom and UBS in particular participated in the implementation of the federal diploma mentioned above). At the same time, Zurich, Ticino, Geneva and even Lausanne with its EPFL are fighting to host the Confederation’s future cyber security competence centre, with their share of private sponsors.
So many attempts to position themselves in a market that promises to be profitable: the consulting firm Gartner forecasts that global cybersecurity spending will reach $124 billion this year (+8.7% over one year).
However, these partnerships make observers grind their teeth. In the absence of resources, the State tends to subcontract expertise to private companies. Whether it is for the management of electronic voting by La Poste, which itself outsources the development of this service to Scytl, a Spanish company. Or for access to digital identification, which Bern intends to entrust to private or semi-public sector suppliers.