"Learn to code." In recent years, this has been the mantra of educational modernization.
The ability to understand and mobilize information technology remains vital, but the goal line has been moved. It's no longer enough to understand basic technical literacy — we must make sure that our students are prepared to tackle one of the greatest issues of our time: cybersecurity.
The cybersecurity skills shortage is well known to employers — there is a shortfall of around 1.6 million cybersecurity professionals. To help with this, the National Security Agency recently launched a Day of Cyber initiative in Virginia to run a statewide program to help students learn the skills of cybersecurity professionals and explore career opportunities in the field. The program, which began in late October and runs through March 2017, allows students to take part in real-life virtual cybersecurity scenarios and receive a Cyber Resume and NSA Certificate of Completion.
This kind of initiative is vital, and more states and schools must step up efforts to solve this critical national shortfall. Cybersecurity is one of the major issues of our time — it's a skill we should have collectively developed yesterday but we must invest in doubly today.
The industry's surging need for cybersecurity professionals certainly isn't up for debate. In 2015, over 209,000 cybersecurity jobs went unfilled, and industry job postings are up 74% over the last five years. For better or worse, the countless breaches over the years have spawned a booming industry — cybersecurity is expected to be a $170 billion market by 2020.
Despite the huge need for these professionals, our education system has yet to instill a framework for adequately preparing students to take on these jobs. For instance, 75% of IT decision makers surveyed in a recent Intel Security report noted that the government was not investing enough in cybersecurity education to sufficiently tackle the challenge. Some private companies have tried taking the helm instead — Cisco, for instance, just launched a $10 million scholarship aimed directly at filling the void in cybersecurity professionals.
If you're someone who already majored in a non-STEM (science, technology, engineering, and mathematics) field, this enormous opportunity is still open to you. As with computer programming, even if you aren't fluent in the language, you still need conversational proficiency — what we refer to as "cyber literacy." The most common reasons for data breaches are phishing and social engineering, which are relatively low-tech attacks that prey on people's carelessness and naïveté. Every person in a company is a security risk, and whether they're administering databases or taking coffee orders, candidates who understand common threats are vastly more valuable than those who expose a business to catastrophe.
The opportunity to capitalize on the cybersecurity boom is even bigger for those who aren't already technology savvy. The biggest hiring blocker for cybersecurity professionals is knowledge of the business. Back in 2014, 50% of organizations reported that fewer than half of the candidates they looked at were considered qualified. In 2015, that went up to 59% of respondents noting the lack of qualification of half of the job candidates. This shows that post-grads who complement existing skills with a cybersecurity mindset could successfully enter the market.
The constant threat of breaches and cyberattacks is real and growing. If today's students — and those already within the workforce — want both job security and a way to contribute to a critical part of the technology industry, then studying and developing skills in cybersecurity isn't just an elective. It's an imperative.