Key Message: Protecting the internet and its users against cyber attack requires a significant increase in the number of skilled cyber warriors.
Executive Summary
Every country whose citizens and organizations use the internet is vulnerable to a massive cyberattack, “where financial, transportation, telecommunications, and even military operations are now deeply dependent on data networking. U.S. security officials say the country's cyberdefenses are not up to the challenge. In part, it’s due to a severe shortage of computer security specialists and engineers with the skills and knowledge necessary to do battle against would-be adversaries. The protection of computer systems essentially requires an army of cyberwarriors, but the recruitment of that force is suffering.” [1]
In this podcast, Dennis Allen, a member of CERT’s Workforce Development Team, discusses useful approaches and resources for becoming a capable and skilled cyber warrior.
A cyber (aka computer) warrior is your traditional information technology or information security professional who is responsible for computer network operations. This role may include dealing with attacks on the network, network defense, and network exploitation.
Most of today’s organizations (government and commercial) conduct business on the internet. The internet provides ready (and often anonymous) access for criminals, foreign militaries, and other bad actors, which can result in the compromise of critical infrastructure and information for financial gain, and theft of intellectual property.
As a result, there is a growing demand for skilled professionals, for both defensive and offensive operations.
Getting Started
Here are some guidelines, based on level of expertise (high school, college, professional, and business leader).
Start with readily available resources: websites, videos, tutorials, common threat descriptions, online safety websites, and specific technologies (refer to the Resources section)
Create your own operational “sandbox” and start experimenting with, for example:
High school and college students may want to consider cyber camps, cyber quests, and competitions including:
Helping Family and Friends
Most people are not familiar with all of the ins and outs of computer security. Here are some additional resources to consult when you’re asked to help:
Be very careful. Don’t plug a bad computer into your network. Have an isolated connection or don’t use the internet at all. Make sure your diagnostic tools and utilities are on a separate CD.
If you see something that you think might be illegal, consult the U.S. Department of Justice’s Computer Crime & Intellectual Property Section website for information about reporting cyber crimes.
Cautionary Advice
Don’t go rogue, for example by randomly downloading tools and running them on your home, college, or work network, as this may violate terms of service and acceptable use policies. You may also end up doing something illegal, even by accident.
Practice in an isolated environment. If you seek help online, make sure the source is reputable and trusted.
Be careful with whom you make contact. Criminals such as Albert Gonzalez are always looking for willing and skilled associates to commit cybercrimes.
Formal Education
A bachelor’s or master’s degree in information assurance or computer science is important for career advancement. Programming classes in Java, C, and Python help develop skills in evaluating logic problems, finding programming flaws, and troubleshooting.
Taking programming and operating system courses at a community college is also a good step.
However, most formal degree programs will not teach you how to think like a bad guy or develop malicious code.
Certifications
Certifications do help in providing specialized training, but they too concentrate on career advancement, not necessarily thwarting attacks. Some of the leading ones include:
Most cyber security professionals have a breadth of knowledge but are missing technical depth. Most attackers are experts in a specific area such as writing an exploit or wireless hacking. Cyber warriors also need to specialize in areas such as forensics, intrusion detection, or network situational awareness.
Organizational leaders need to understand the skills and expertise of their staff, so they know who to call upon when dealing with an attack.
Resources
[1] Gjelten, Tom. “Cyberwarrior Shortage Threatens U.S. Security.” July 19, 2010.
Primary Resources
CERT
US Government
Getting started
College and high school
General information
Additional Resources
Technology and vendor-specific; general security guidance
Tools
Scholarships