Rare earths have received a lot of attention this year. Like cybersecurity, they are increasingly considered critical to national security, setting up an interesting comparison of two seemingly disparate items that share several important strategic and geopolitical similarities.
For example, both rare earths and cybersecurity are considered strategic assets essential for military and defense technologies. Hence both have become key investment targets for nations looking to increase self-sufficiency and reduce dependencies.
There also have a common theme around supply chain vulnerabilities. Both face significant supply chain risks and concentration problems. Currently, rare earths production is dominated by China, while cybersecurity often depends on key technologies or expertise concentrated in specific countries.
Both also have supply and demand concerns. Rare earths face physical scarcity and extraction challenges, while cybersecurity faces a scarcity of qualified talent and expertise, with the 2024 ISC2 Cybersecurity Workforce Study estimating a shortage of 4.76 million cybersecurity professionals.
To put that staggering number into perspective: The estimated cybersecurity workforce is 5.45 million professionals; hence, according to ISC2, 46% of necessary cyber roles are unfilled. Indeed, that quantifies the rarity of cybersecurity resources.
Moreover, both rare earths and cybersecurity requirecomplex technical expertise — each field requires highly specialized knowledge that takes significant time and investment from enterprises and government agencies to develop. The cybersecurity shortfall will take several generations to address.
Both domains represent areas where technology capabilities, resource access, and security concerns are intersecting in our increasingly technology-dependent world. Due to these factors, there is increasing regulatory attention evolving around both as governments recognize their strategic importance.
Cybersecurity’s ‘rarest earths’
Rare earths comprise about 17 natural elements, each of which has become mandatory for modern technology and warfare, such as smartphones, weapon precision guiding systems, magnets for wind farms and EV motors, plus many other use cases.
But not all rare earths are equal, and there are four or five that are considered the rarest. This analogy can extend to certain cybersecurity skills, which although all critical for modern security differ in their level of rarity. The following can be considered the “rarest earths” of the cybersecurity world.
Advanced threat hunting expertise
Like the rarest elements, professionals who can proactively identify novel threats and adversary techniques before they cause damage are scarce and extremely valuable. Why are these skills rare? Many factors have led to this scenario:
- Complex skill requirements: Effective threat hunters need a unique combination of skills, including deep cyber knowledge, programming proficiency, data analysis capabilities, and the ability to understand the attacker mindset.
- Business and industry context: Great threat hunters also need to understand the business context of their environment to prioritize what matters — an even rarer expertise.
- Deep experience: Threat hunting relies heavily on pattern recognition and intuition that develops only through years of hands-on experience.
- Few formal training paths: Unlike other cybersecurity specialties, there are limited structured educational programs specifically for threat hunting; you must learn on the job.
Quantum computing security
As quantum computing risk emerges, experts who understand how to develop post-quantum cryptography are becoming the “critical elements” for future security.
Many of the above points for threat hunters also apply. But let me highlight that there are very few crypto experts that are also good at driving change, and this will be required for the post-quantum remediation, which will be the equivalent of large mega transformation programs.
Being able to speak technology to understand these new algorithms and protocols while at the same time speaking business language is a hard combination to find.
Nation-state threat intelligence
Cyber analysts who can attribute and understand sophisticated state-sponsored attacks are in extremely limited supply. This is, if you like, the “Top Gun” of the class. To get to this level then you will need:
- Geopolitical expertise: Effective analysts must understand global politics to properly contextualize and predict nation-state activities.
- Language and cultural fluency: Analysis often requires foreign languages specific to target nations.
- Direct exposure: Very few security professionals get hands-on experience with confirmed nation-state incidents; plus, attribution is always going to be extremely difficult.
With nation-state actors increasingly targeting private organizations, this skill set will only become harder to compete for in the open talent market.
A way forward
As organizations and nations develop their cybersecurity strategies, the ability to identify and nurture these “rare earth” cyber skills such as advanced threat hunting, quantum security, and nation-state cyber intelligence becomes as strategically important as securing physical supply chains for critical minerals.
This won’t be resolved quickly, and you will be tempted to see if AI can help fill this gap. Yes, AI can augment challenging cyber activities like advanced threat hunting, but it can’t fully replace human expertise.
Our human threat hunters remain essential for several reasons:
- Adversarial creativity: Sophisticated nation-state attackers constantly develop novel techniques specifically designed to evade automated detection. Human intuition is necessary to spot these shifts.
- Contextual understanding: Humans can understand organizational contexts, processes, and political motivations that AI currently struggles to fully comprehend.
- Investigative intuition: Fully trained threat hunters develop a “sixth sense” about which leads to pursue, and which unusual patterns might indicate genuine threats versus a false positive. It is hard for AI to learn this.
- Attribution expertise: Determining who is behind an attack, especially nation-state actors, requires judgment about motivations, techniques, and geopolitical context. Not an easy task for AI at this time.
In the end the most effective approach will probably be a hybrid human-AI partnership where we combine the two strengths.
For example, AI can handle the “data rich” detection and correlation work, while our human experts evaluate findings and make final determinations. Plus, humans can adapt to evolving threats and see whether new patterns emerge.
This combination leverages collective strengths. More importantly, it is a combination that we CISOs hope can be a more common asset for our defensive strategies than we are experiencing separately today.
See also: