Educating for a Career in Cybersecurity

Did you know that October is National Cybersecurity Awareness Month (NCSAM), an annual campaign by the Department of Homeland Security, to raise awareness about cybersecurity?

Each week, NCSAM looks at different angles of cybersecurity to best educate the public; this past week revolved around education, “Millions of Rewarding Jobs: Educating for a Career in Cybersecurity.” This particular topic is close to home, as I have two daughters in high-school who will be shortly deciding what majors to study, and whether cybersecurity is of interest.

Although at Cavirin we place a lot of confidence in our cloud security automation capabilities, we still require skilled security personnel to plan and operate the solution, as well as digest the resulting data. And that need, even with all the AI and ML in the world, won’t go away anytime soon. In fact, many are predicting millions of unfilled security jobs in the coming years, and the recently published National Cyber Strategy calls out ‘Develop a Superior Cybersecurity Workforce’ as a strategic national security advantage. This is this century’s equivalent of the ‘missile’ gap after WW2 and at the beginning of the Cold War, a gap that spurred interest in engineering.

But what the engineers of the previous generation accomplished in the physical space, must now translate with the same focus and creativity into the virtual space. And the ‘physical’ toys, the wagons and Lincoln Logs, that kids at the time were most familiar with, are in many cases supplanted by virtual ones – smartphone applications and video games. I won’t comment on whether this is good or bad, but it does attune Generation Z, the post-millennials, for quick response and multi-tasking, skills valuable in cybersecurity. So what is the best path forward?

The National Initiatives for Cybersecurity Education (NICE) is one framework, depicted below. NICE supports policies that encourage hiring, developing, and retaining a skilled workforce for both the private and public sectors. But we have a long way to go, as evidenced by the number of unfilled jobs at CyberSeek. I doubt the average elementary school or even middle-school teacher has ever heard of NICE, and it is hard enough to encourage females to even consider STEM in general. There are really three timelines in play – the immediate need, the near-term, that can be addressed by the universities, and longer-term, where the next generation come into their own.

For those already in the workforce, we all know that continual retraining and re-education is critical to career growth. Consider mainframe specialists who then became comfortable with minicomputers, and later still, PCs. Corporations must make it financially appealing for those wishing to make a change, including covering the cost of advanced degrees if deemed to offer a competitive advantage (which they should).

For those not yet in the workforce, higher educational institutions must double-down on <practical> cybersecurity programs, scholarships, and internships within industry. Programs that focus on identifying and solving breaches in the pressure of an operational environment. Universities should elevate cybersecurity to a major discipline, on par with Civil, Electrical, and Mechanical. Some have already gone down this path, but most have not. But the real question is how to get students interested, as early as high school.

A few electives cover the Internet, but over the last decades, the core curriculum has not really changed from English, math, science, and history. Maybe time for a change to the more practical aspects of survival in the 21^st Century? Cyber could be one module. In parallel, for those so inclined, the nationwide GenCyber camps for grades 10 and above are a great opportunity, and cover topics as diverse as risk assessment and threat detection, forensics and incident response, network security, and of course intro to cryptography.

The next generation is where we can make a real difference. What does it take to get the average 10-year old interested in math or science, or for that matter, security? In a way that removes the ‘nerdy’ connotations we’ve seen with robotics and space. Fact is, there are a lot of resources already available. Some good links include:

• https://nicerc.org/student/
• https://nicerc.org/curricula/requestcurriculum/
• http://uscyberpatriot.org/Pages/About/What-is-CyberPatriot.aspx

And, from the recent Wired Magazine article by Geetha Murali, CEO of Room to Read, a few recommended books to get started in the right direction:

• Lab Girl, by Hope Jahren
• Brazen: Rebel Ladies Who Rocked the World, by Penelope Bagieu
• Headstrong: 52 Women Who Changed Science and the World, by Rachel Swaby
• The Evolution of Calpurnia Tate, by Jacqueline Kelly
• Girls Think of Everything: Stories of Ingenious Inventions by Women, by Catherine Thimmesh
• Good Night Stories for Rebel Girls, by Elena Favilli and Francesca Cavallo

• About
• Latest Posts

David Ginsburg

Dave brings to Cavirin over 25 years of experience spanning corporate and product marketing, product management, digital marketing, and marketing automation. Previous roles included CMO at Teridion, Pluribus, Extreme, and Riverstone Networks as well as senior marketing leadership positions at Nortel and Cisco. His expertise spans networking, cloud deployments, and SaaS.

Latest posts by David Ginsburg (see all)

• Educating for a Career in Cybersecurity - October 19, 2018