Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operations

11/22/2016
10:30 AM
Mike Baukes
Mike Baukes
Commentary
Connect Directly
Twitter
LinkedIn
RSS
E-Mail vvv
50%
50%

Raising The Nation's Cybersecurity IQ: 'Learn To Code'

We need to ensure that the students of today are prepared for the security challenges of tomorrow.

"Learn to code." In recent years, this has been the mantra of educational modernization.  

The ability to understand and mobilize information technology remains vital, but the goal line has been moved. It's no longer enough to understand basic technical literacy — we must make sure that our students are prepared to tackle one of the greatest issues of our time: cybersecurity.

The cybersecurity skills shortage is well known to employers — there is a shortfall of around 1.6 million cybersecurity professionals. To help with this, the National Security Agency recently launched a Day of Cyber initiative in Virginia to run a statewide program to help students learn the skills of cybersecurity professionals and explore career opportunities in the field. The program, which began in late October and runs through March 2017, allows students to take part in real-life virtual cybersecurity scenarios and receive a Cyber Resume and NSA Certificate of Completion.

This kind of initiative is vital, and more states and schools must step up efforts to solve this critical national shortfall. Cybersecurity is one of the major issues of our time — it's a skill we should have collectively developed yesterday but we must invest in doubly today.  

The industry's surging need for cybersecurity professionals certainly isn't up for debate. In 2015, over 209,000 cybersecurity jobs went unfilled, and industry job postings are up 74% over the last five years. For better or worse, the countless breaches over the years have spawned a booming industry — cybersecurity is expected to be a $170 billion market by 2020.

Despite the huge need for these professionals, our education system has yet to instill a framework for adequately preparing students to take on these jobs. For instance, 75% of IT decision makers surveyed in a recent Intel Security report noted that the government was not investing enough in cybersecurity education to sufficiently tackle the challenge. Some private companies have tried taking the helm instead — Cisco, for instance, just launched a $10 million scholarship aimed directly at filling the void in cybersecurity professionals.

If you're someone who already majored in a non-STEM (science, technology, engineering, and mathematics) field, this enormous opportunity is still open to you. As with computer programming, even if you aren't fluent in the language, you still need conversational proficiency — what we refer to as "cyber literacy." The most common reasons for data breaches are phishing and social engineering, which are relatively low-tech attacks that prey on people's carelessness and naïveté. Every person in a company is a security risk, and whether they're administering databases or taking coffee orders, candidates who understand common threats are vastly more valuable than those who expose a business to catastrophe.

The opportunity to capitalize on the cybersecurity boom is even bigger for those who aren't already technology savvy. The biggest hiring blocker for cybersecurity professionals is knowledge of the business. Back in 2014, 50% of organizations reported that fewer than half of the candidates they looked at were considered qualified. In 2015, that went up to 59% of respondents noting the lack of qualification of half of the job candidates. This shows that post-grads who complement existing skills with a cybersecurity mindset could successfully enter the market.

The constant threat of breaches and cyberattacks is real and growing. If today's students — and those already within the workforce — want both job security and a way to contribute to a critical part of the technology industry, then studying and developing skills in cybersecurity isn't just an elective. It's an imperative.

Related Content:

Mike Baukes is co-founder and co-CEO of UpGuard, a cyber resilience company based in Mountain View, California. View Full Bio
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
kasstri
50%
50%
kasstri,
User Rank: Strategist
12/1/2016 | 11:54:23 AM
Re: keydown
Even without a specific focus on cybersecurity, learning to code is good for general .
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/29/2016 | 1:16:55 PM
Re: Cyber security
@Dr.T: Respectfully, I very much disagree.  The "shortage" of cybersecurity people is a mostly false one.  The real problem is age discrimination and companies not wanting to pay IT people what they're worth.

Instead, what a lot of companies do is offer salary packages that are far below market rate and then whine to the government that there's a shortage so that they can get H1-B and L-1 Visas approved for cheap overseas labor to be brought in.  Then they lay off their existing workforce (but not before having the people they're laying off train their replacements).

Rinse and repeat.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/29/2016 | 1:13:05 PM
filmy religijne
@Dr.T: Ignore it--and don't click.  It's spam/phishing.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
11/29/2016 | 1:11:52 PM
Re: Even w/o specific infosec education...
@Dr.T:

>they get better understanding what might be the problem.

And, for that matter, preventing problems in the first place.
kasstri
50%
50%
kasstri,
User Rank: Strategist
11/29/2016 | 12:55:42 PM
Re: keydown
Even without a specific focus on cybersecurity, learning to code is good for general 
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/29/2016 | 12:01:41 PM
Cyber security
I agree, we are in shortage of Cyber security staff, this was not the case not long ago. These recent attacks scared people quite well.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/29/2016 | 12:01:06 PM
Re: filmy religijne modlitwa o cud
What exacly are you refering to?
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/29/2016 | 12:00:08 PM
Re: Even w/o specific infosec education...
" fancy GUIs we have now"

Another good point. Even Linux is more GUI then not anymore. Things become easier of course.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/29/2016 | 11:57:24 AM
Re: Even w/o specific infosec education...
"Even without a specific focus on cybersecurity, learning to code is good for general "

I agree. Coding provides more insight into security of the systems, they get better understanding what might be the problem.
Dr.T
50%
50%
Dr.T,
User Rank: Ninja
11/29/2016 | 11:55:23 AM
Learn to code
 

Learn to code becomes popular among younger generation simply because we figured out to make it very simple to code and most people would like to build something and interact with it.
Page 1 / 2   >   >>
97% of Americans Can't Ace a Basic Security Test
Steve Zurier, Contributing Writer,  5/20/2019
How Security Vendors Can Address the Cybersecurity Talent Shortage
Rob Rashotte, VP of Global Training and Technical Field Enablement at Fortinet,  5/24/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Building and Managing an IT Security Operations Program
As cyber threats grow, many organizations are building security operations centers (SOCs) to improve their defenses. In this Tech Digest you will learn tips on how to get the most out of a SOC in your organization - and what to do if you can't afford to build one.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-7068
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7069
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7070
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7071
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
CVE-2019-7072
PUBLISHED: 2019-05-24
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .