Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

6/14/2016
03:10 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Cisco Invests $10 Million To Tackle Cybersecurity Talent Gap

The company's Global Cybersecurity Scholarship program is looking to diversify the talent pool by working with veterans, women and those early in their careers.

Cisco launched a $10 million scholarship program and enhancements to its security certification portfolio to address the cybersecurity skill shortage being felt by businesses and government organizations globally.

It takes companies as long as six months to find qualified security candidates, according to The Information Systems Audit and Control Association (ISACA). This comes at a time when businesses are struggling to keep pace with cyber attackers as exploits become more frequent, sophisticated, and damaging.  These attacks are increasingly launched by well-funded organizations.

What’s more, industry reports estimate that it takes companies well over three months to determine that systems have been compromised, says Tejas Vashi, senior director of Cisco Services.  According to the Cisco 2016 Annual Security Report, 59% of the security professionals surveyed said their organization’s security infrastructure was up-to-date and constantly upgraded. “But 41% are openly saying, ‘we are not ready,’” Vashi says.

Additionally, many organizations do not think they have enough qualified professionals to adequately deal with security threats, Vashi notes.  According to the State of Cybersecurity; Implications for 2015, by ISACA and RSA Conference, 84% of the security executives surveyed said only half of applicants for security jobs are qualified.  Additionally, they said only 45% can determine the scope of an attack and remediate the damage.

The goal of the Cisco Global Cybersecurity Scholarship program is to address the cybersecurity talent shortage, Vashi says.  Cisco will invest $10 million in a two-year scholarship plan that will offer training, mentoring and certification that align with the security operations center analyst industry job role.  The aim is to provide the on-the-job readiness required to meet current and future challenges of network security. The program will be delivered in conjunction with key Cisco Authorized Learning Partners, Vashi says. Scholarship awards are available from August 1, 2016, until the end of July 2017.

Cisco is looking to bring more diversity into the talent pool by attracting university students just starting in their careers, women in technology, and veterans.  “We want to leverage folks coming out of the universities, who may have done internships and have some understanding of security and IT,” Vashi says.  “A diverse workforce is critical because it allows you to think out of the box and come up with new perspectives.” That diversity could be based on culture, gender or other attributes, he says.  In addition, every year many veterans leave active duty and come into the workforce. So the program will provide an ecosystem to identify and vet qualified candidates who would be interested, he says.

Additionally, Cisco is introducing a new Cyber Ops Certification to its portfolio of security certifications and revising its CCIE Security Certification.  CCNA Cyber Ops focuses on the role of the security analyst working in a Security Operations Center (SOC), which monitors systems and detects attacks. It introduces IT personnel to some of the skills needed in a SOC, giving them an understanding of how responses are coordinated.

The CCNA Cyber Ops expands Cisco’s existing associate-level certification offerings.  This includes the CCNA Security designation, which focuses on the network security administrator role, Vashi says.

The CCIE Security revision addresses new expert-level skills and education needed to prepare security personnel for evolving technologies and security threats, including Advanced Threat Protection, Advanced Malware Protection, Next-Generation IPS, Virtualization, Automation and Information Exchange. The certification also includes a new assessment approach focused on ensuring that candidates demonstrate knowledge and skills with evolving technologies, such as network programmability, cloud computing and the Internet of Things.

“IoT alone is generating more data than ever before and sensors are being put out into the network to drive new business outcomes for industry,” Vashi says.  “Every time you add a new device and information, a new point of vulnerability opens up,” he notes.

Related Content:

Rutrell Yasin has more than 30 years of experience writing about the application of information technology in business and government. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
anglrckx
100%
0%
anglrckx,
User Rank: Apprentice
6/20/2016 | 3:19:59 PM
Re: There is no "cybersecurity talent gap"
I totally agree!!!!!!!!!!!!!!!!!!  Well said.
anglrckx
100%
0%
anglrckx,
User Rank: Apprentice
6/20/2016 | 3:18:37 PM
Re: new to information and technology
Thank You!!!!!!  I just signed up, I do have the requirements.
Michael	B333
100%
0%
Michael B333,
User Rank: Apprentice
6/18/2016 | 9:27:03 PM
There is no "cybersecurity talent gap"
Sigh.  There is no "cybersecurity talent gap".  THere are many great cybersecurity/infosec people looking for work and not able to find it.  MAYBE in some areas, and MAYBE for certain skill set there are limited numbers, but overall, no.

A lot of this so-called skills/talent gap is actually caused by the companies themselves.  Too many are trying to make senior level people take on entry level jobs at entry level pay (the old "2 years experience and a CISSP" garbage).  Or unrealistic skill/talent sets (basically looking for someone with the skill set of 3 people), which is known as "looking for a purple squirrel").  Too often companies turn good people away because they are missing 1 or 2 skills, because they don't want to let the person grow into the job (want them to "hit the ground running, etc").

So pumping out newbies doesn't help things and certainly doesn't help those looking for work.

 
JesseT306
50%
50%
JesseT306,
User Rank: Apprentice
6/16/2016 | 7:16:32 PM
Re: new to information and technology
Yes, I will definitely follow this on aug. 1st. Thanks, Jesus
JesseT306
50%
50%
JesseT306,
User Rank: Apprentice
6/16/2016 | 7:16:31 PM
Re: new to information and technology
Yes, I will definitely follow this on aug. 1st. Thanks, Jesus
ryasin
100%
0%
ryasin,
User Rank: Author
6/16/2016 | 6:49:56 PM
Re: new to information and technology
Hello,

Scholarship awards are available from August 1, 2016, until the end of July 2017.

To learn more about the Cisco Cybersecurity Scholarship Program visit: https://mkto.cisco.com/Security-Scholarship.html.

I hope this helps.
JesseT306
100%
0%
JesseT306,
User Rank: Apprentice
6/14/2016 | 10:57:27 PM
new to information and technology
im currently attending a university for cyber security, my question is will this program offered still be available in the year 2020 when i graduate?
Microsoft Patches Wormable RCE Vulns in Remote Desktop Services
Kelly Sheridan, Staff Editor, Dark Reading,  8/13/2019
The Mainframe Is Seeing a Resurgence. Is Security Keeping Pace?
Ray Overby, Co-Founder & President at Key Resources, Inc.,  8/15/2019
GitHub Named in Capital One Breach Lawsuit
Dark Reading Staff 8/14/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-15237
PUBLISHED: 2019-08-20
Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks.
CVE-2019-15228
PUBLISHED: 2019-08-20
FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account but can also impact unauthenticated visitors.
CVE-2019-15229
PUBLISHED: 2019-08-20
FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of the Admin console. This could lead to an attacker tricking the administrator into executing arbitrary code via a specially crafted HTML page.
CVE-2019-15231
PUBLISHED: 2019-08-20
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This is different from CVE-2019-15107. NOTE: as of 2019-08-19, the vendor reports that "at some point" malicious code was inserted into their build infrastruct...
CVE-2019-15232
PUBLISHED: 2019-08-20
Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and Matroska file demultiplexors.