Careers & People

2/17/2017
12:00 PM
Kyle Martin
Kyle Martin
Commentary
Connect Directly
LinkedIn
RSS
E-Mail vvv
50%
50%

Closing The Cybersecurity Skills Gap With STEM

As a nation, we should be doing more to promote educational programs that prepare today's students for tomorrow's jobs.

The growing number of cybersecurity threats and attacks expose the importance of engaging students in hands-on learning. Not only are cybersecurity threats increasing, they're also becoming significantly more complicated.

Unfortunately, the number of skilled cybersecurity professionals isn't keeping up. According to a report from Intel Security and the Center for Strategic and International Studies, 209,000 U.S. cybersecurity jobs went unfilled in 2015.

Educational institutions from grade schools to universities can correct this problem by broadening hands-on classroom learning to address the need for well-trained cybersecurity professionals.

Here are five ways we can begin closing the cybersecurity skills gap:

1. Integrate STEM Education in Grade School
Active, hands-on STEM (science, technology, engineering, and math) learning complements traditional learning by offering a way for students to apply textbook concepts to real-life problems. And there's proof that it works: A study released by the Amgen Foundation and Change the Equation shows students want more tangible learning opportunities. Survey respondents said common teaching methods, such as teaching exclusively from a textbook, are less engaging than hands-on methods. The survey also found that hands-on learning, such as experiments and field trips, are the most effective way to engage students.

The survey also found the following:

  • 81% of students are interested in science, with 73% expressing an interest specifically in biology.
  • Students who are interested in biology classes identified their teachers and classes as the most influential to their career decisions.

On a national scale, the U.S. government aims to increase STEM awareness through programs such as the National Initiative for Cybersecurity Education, which lets teachers access a variety of resources to help them develop STEM-related curricula. By introducing and promoting cybersecurity and STEM education early on in the classroom, students learn to address real social, economic, and environmental problems, and seek necessary solutions.

2. Equip College Students with Cybersecurity Skills
The Comprehensive National Cybersecurity Initiative is a government program that identifies goals to create a more comprehensive, updated national cybersecurity strategy. A key component of this initiative is expanding cyber education and placing courses in K-12 schools to create technologically skilled, cyber-savvy students. However, putting this kind of program in place would require another national strategy like the science and math education initiative of the 1950s.

Even though there isn't a nationwide program to promote cybersecurity in K-12 schools, one high school is preparing its students for a lucrative STEM career. King William High School in Virginia offers a four-year track to help students build the fundamental skills necessary for entry-level employment in the cybersecurity field. The program's students can graduate from high school with industry-recognized certifications and valuable cybersecurity skills.

Universities across the country are also starting to take notice of the increasing interest in cybersecurity, and many computer science degree programs are offering cybersecurity as a specific concentration. Students studying computer science often focus on information assurance and computer security, specifically learning about designing systems and strategies that safeguard information. Typical course topics include computer security, digital forensics, and machine learning.

Through partnerships or internships, STEM students have the opportunity to work with industry partners to gain real-world experience. For example, the Department of Homeland Security has a Cyber Student Volunteer Initiative in place for summer internships. This program gives undergraduate and graduate students the opportunity to work alongside leaders in the DHS, gaining valuable experience from work projects, real-life scenarios, and mentoring from DHS cybersecurity professionals.

Many cybersecurity internships look for students enrolled in a cybersecurity-related field, in STEM or computer science. Additionally, any experience students can get (such as working as a teaching assistant) will help set them apart while applying for internship opportunities. If students aren't sure where to find these internship opportunities, they can also consult their college's career center.

3. Drive Awareness of Cybersecurity Jobs
Studies show most millennials aren't aware that jobs in cybersecurity even exist. Government, businesses, and our education systems must collaborate and thoroughly train the future generation of cyber defenders. Because many STEM colleges now offer cybersecurity as a degree concentration, driving awareness of these programs is key to increasing the pool of skilled workers.

But it's not enough to increase the awareness of these jobs; you must be able to attract the talent that you need. Along with attending career fairs, businesses should find ways to attract digitally savvy college graduates. Many recent graduates list flexible scheduling, ongoing education, and continuous feedback as important factors when deciding on a job offer. If companies can tailor their programs to reflect what potential employees are looking for, they could attract and keep top-tier talent.

Technology company CSRA recently opened its Integrated Technology Center in Bossier City, Louisiana, with the goal of helping the federal government fight cyber terrorism. The company boasts an internship program in which about 85% of their interns stay on for a full-time job after graduation.

4. Instruct with Industry Tools and Technology
As new technology emerges, much of cybersecurity remains uncharted territory. However, implementing industry tools and technology into a student's curriculum can be the solution we need to thwart new, unfamiliar threats.

To train students more effectively, many universities now offer cybersecurity labs with cutting-edge equipment like comprehensive risk assessment, incident management services, and encryption simulations.

5. Training the Current Cybersecurity Workforce
Industry, governments, academia, and nonprofits should work together to aggressively address the need for a skilled cybersecurity workforce. The U.S. Bureau of Labor Statistics says the demand for cybersecurity professionals will grow 53% by the end of 2018. To successfully prepare our workforce, we must upgrade our current cybersecurity professionals by providing on-the-job training and improving cybersecurity education programs.

Related Content:

Kyle Martin brings 11 years of storytelling experience to the content coordinator position at Florida Polytechnic University. In this role, Martin develops original content that showcases the university experience as a way to attract new students and faculty. He also lends ... View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
jeffluszcz
50%
50%
jeffluszcz,
User Rank: Apprentice
3/1/2017 | 1:59:37 PM
Cybersecurity is a basic life skill
I really like the point about starting cybersecurity in grade school. This is a basic life skill for people in the 21st century. Even 5 and 6 year olds are making security choices for the entire household.

 
JustinS40501
50%
50%
JustinS40501,
User Rank: Apprentice
2/17/2017 | 3:20:03 PM
Nonprofit Orgainizations are especially in need of consultants and cybersecurity tools.
Orgizations developed primarily for the public good are particularly at risk and devoid of expertise and best practices.  Cybersecurity firms of the future should take special care of these orgainizations as well as the anaylitics that can be gleaned from common interests and public information. 
JustinS40501
50%
50%
JustinS40501,
User Rank: Apprentice
2/17/2017 | 3:19:58 PM
Nonprofit Orgainizations are especially in need of consultants and cybersecurity tools.
Orgizations developed primarily for the public good are particularly at risk and devoid of expertise and best practices.  Cybersecurity firms of the future should take special care of these orgainizations as well as the anaylitics that can be gleaned from common interests and public information. 
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
CVE-2018-20154
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
CVE-2018-20155
PUBLISHED: 2018-12-14
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.