Cybersecurity breaches affect businesses large and small, and the annual cost of computer- and network-based crimes worldwide is estimated to be more than $400 billion, according to a report from McAfee and the Center for Strategic and International Studies. As organizations increasingly use data networks for business, commerce and the transfer of sensitive information, the risks multiply, as do the needs for qualified cybersecurity professionals.
(ISC)2 Foundation and University of Phoenix recently conducted a national roundtable with cybersecurity leaders from industry and higher education to develop actionable recommendations to prepare students for cybersecurity careers.
The (ISC)2 Foundation and University of Phoenix report, Cybersecurity Workforce Competencies: Preparing Tomorrow’s Risk-Ready Professionals, identifies three education-to-workforce gaps that leave employers and organizations particularly vulnerable. These gaps are competency, professional experience, and education speed-to-market.
The report is based on a year of research, including analysis of industry competency models and labor statistics, which led to a national focus group, followed by the roundtable with industry leaders.
“The growing frequency, sophistication, and costs of cyberattacks threaten business continuity for organizations of all sizes,” said Julie Peeler, director, (ISC)2 Foundation. “Preparing and attracting the next generation of cybersecurity professionals is critical to the health of the economy and businesses globally.”
Roundtable participants say the following actions by industry and education leaders can have the most immediate impact on closing the gaps:
1. Encouraging problem-based learning via case studies and labs;
2. Offering meaningful internships for cybersecurity degree completion; and
3. Developing curriculum and career resources that are informed by cybersecurity employers.
“The multi-faceted cybersecurity field demands a strong workforce comprised of individuals who can adapt to constant shifts in the sector,” said Dennis Bonilla, executive dean of University of Phoenix College of Information Systems and Technology. “The industry increasingly needs professionals who possess both technical skills and strong business acumen, and curriculum is shifting to reflect these dynamics. Relevant education and training aligned to industry requirements are crucial to protecting and growing business infrastructure in the U.S. and globally.”
“Having qualified cybersecurity professionals is critical in all industries,” said Peeler. “Employers must act quickly to close workforce gaps and mitigate the risks that threaten enterprises. The roundtable report by the (ISC)2 Foundation and University of Phoenix provides practical recommendations to key stakeholder groups that must work together to build the cybersecurity talent pipeline.”
Closing the education-to-workforce gaps: Recommendations for students and employers
The report offers the following tips for students interested in cybersecurity careers, and for employers struggling to fill job openings:
Recommendations for students:
1. Get certified. Obtain the relevant certifications that can help enhance employability.
2. Understand clearance requirements. Many jobs in this field may require a security clearance. Be mindful that past actions could affect your eligibility.
3. Get involved. Demonstrate interest in the field by developing professional relationships. Stay abreast of industry trends by joining an association.
4. Build a portfolio. Seek opportunities to demonstrate your expertise by co-presenting at industry conferences and completing relevant projects.
5. Seek opportunities. Look for ways to obtain professional experience through internships, job shadowing or work-study jobs.
Recommendations for employers:
1. Engage with educators. Offer internships and participate in higher education curriculum advisory boards.
2. Champion cybersecurity careers. Partner with middle schools and high schools to increase awareness of cybersecurity career opportunities.
3. Steer clear of clearances. Remove barriers to entry-level jobs by decoupling tasks that require a security clearance. Many applicants, such as non-U.S. citizens, may be unable to obtain a security clearance readily.
4. Promote partnerships. Develop partnerships with higher education institutions to support curriculum development, career networking, and internships.
5. Encourage professional experience. Develop and fund programs that provide industry experience to students. Ensure programs meet the National Security Agency’s Centers of Academic Excellence accreditation requirements, and seek accreditation approval for such programs.
6. Hire interns. Internships are a viable step to employment and demonstrate the value of entry-level experience as a pathway to a career.