There are more than 300,000 unfilled jobs for cybersecurity professionals in the United States today. Higher education institutions can help address this issue by creating initiatives to educate students and professionals to train the next generation of cyberwarriors.
The famous US bank robber Willie Sutton allegedly said he robbed banks because "that's where the money is." Today data are money and are the target of bad actors who would like to steal data for their own purposes. In the Information Age, we need to worry more than ever about safeguarding confidential personal and corporate information. Unfortunately, there seems to be an acute and growing shortage of professionals trained to help us protect this type of information.
The week of November 12 is National Cybersecurity Career Awareness Week, and it is intended to promote awareness of cybersecurity careers. Higher education institutions have an important role to play in educating future cybersecurity professionals and closing the cybersecurity talent gap. A great starting point is to build awareness around the severity of the talent shortage, communicate the cybersecurity skill sets needed, discuss possible career paths, and give students the training and experiences necessary to develop the skills they will need in the working world.
How Large Is the Shortage of Cybersecurity Professionals?
On a global basis the 2018 (ISC)2 Cybersecurity Workforce Study estimates a shortage of about three million cybersecurity professionals. In the United States alone, there are about 300,000 currently unfilled job openings for cyber professionals. This shortage of skilled job seekers is having a real-world impact on companies and the people who are responsible for cybersecurity. According to the study, 63 percent of organizations surveyed have either a significant or slight shortage of staff dedicated to cybersecurity work, and 59 percent are at extreme or moderate risk due to shortages in cybersecurity staff (see figure 1).
The study also points out that Gen X and Baby Boomer workers make up about half of the cybersecurity workforce. This may mean that there are many entry-level opportunities for new college graduates and that there are pathways for growth as these experienced workers approach eventual retirement.
To get a better feel for what supply and demand look like in the cybersecurity job market, CyberSeek has created a Cybersecurity Supply/Demand Heat Map that lets users explore the job openings at the national level or by individual states or metro areas. Currently, there are more than 700,000 professionals employed in the cybersecurity workforce nationwide, with more than 300,000 job openings available. CyberSeek, which is a partnership between the National Initiative for Cybersecurity Education (NICE), the Computing Technology Industry Association (CTIA), and Burning Glass Technologies, also shares career pathways information so that professionals entering the cybersecurity job market understand the myriad of cybersecurity jobs that are available.
How Can Higher Ed Help Address the Shortage?
Higher education is well positioned to play a strong role in educating the next generation of cybersecurity workers and training existing employees to get the skills needed to stay current with the latest cybersecurity trends and approaches. A multipronged approach is needed to close the cybersecurity skills gap.
Build Awareness for Cybersecurity Issues
Help spread the word about the cybersecurity skills gap and job opportunities on your campus. The institution's CISO or information security team can be a great resource to conduct a cybersecurity seminar or to share their knowledge and expertise with students. The Enterprise Security Team at The Ohio State University has implemented this idea, and they sponsor an annual and free Cybersecurity Days event to expand knowledge of security and data protection for the entire college community.
Create Academic Programs that Teach Real-World Skills
Look to other programs for inspiration in developing courses that provide real-world skills. Norwich University has a strong cybersecurity program and recently opened a new academic building to house several classrooms devoted to its program. Providing opportunity for hands-on training is critical, and this cyber war room has a bank of multiple screens and work stations where students train on real-life cybersecurity scenarios. The program also includes a digital forensic lab where internet-connected devices can be analyzed for clues about infections and the sources of attacks.
Identify Scholarship Opportunities for Students
Institutions, professors, and instructors can share scholarship information with their students to encourage additional cybersecurity studies. The CyberCorps: Scholarship for Service, funded by the NSF, provides up to $22,500 per year for undergraduate and $34,000 per year for graduate cybersecurity students. In return, students commit to work for a federal, state, or local agency for a period matching the length of their scholarship. The Center for Cyber Safety and Education (formerly the (ISC)2 Foundation) also offers a list of scholarships for aspiring information security professionals.
Encourage Participation in Cyber Competitions
Institutions with an information assurance or computer security curriculum can give their students an additional way to hone their skills and have fun by participating in regional events hosted by the National Collegiate Cyber Defense Competition. The top regional teams can then go on to the National Championship held each April. These events give students the chance to test their practical defensive and offensive information security skills against teams of other students. For students, this is an opportunity to work on cybersecurity problems in a team atmosphere, and it also gives them a networking opportunity to expand their future professional networks. The University of Virginia won the 2018 NCCDC Championship.
Another cybersecurity competition for high school and college students is the National Cyber League, which is a defensive and offensive puzzle-based, capture the flag–style competition. All participants play the games simultaneously and are tested with real cybersecurity challenges they will likely face in the workforce.
Partner with Local Firms to Develop Continuing Education or Credentialing Programs
There are more than 700,000 professionals currently employed in the cybersecurity workforce. These professionals, from wizened expert to newly minted graduate, need continuing cybersecurity education. Colleges and universities can help meet this need by reaching out to businesses to understand their needs and how those needs can be met with continuing education courses or credentialing programs.
Higher education–sponsored continuing education or credentialing programs might also be able to find ways for current cybersecurity professionals to interact with cybersecurity students. For students and professors, connecting with local businesses is another opportunity for students to interact and network with working professionals. Companies receive a benefit, too, because their employees could get to know an institution's cybersecurity students before they graduate—and that can make a huge difference when it is time to identify and hire new employees.
The US Bureau of Labor Statistics career outlook from January 2018 projects a 28% growth in US employment for cybersecurity consultants from 2016 to 2026. This pace of growth is much higher than the average job growth. Higher education institutions are in a unique position to help support students interested in this fast-growing and critical career.
Tom Humbarger is the Marketing Manager at Vantage Technology Consulting Group.
© 2018 Tom Humbarger. The text of this work is licensed under a Creative Commons BY-NC-ND 4.0 International License.