Professional development

5 cybersecurity talent initiatives working to close the skills gap

March 30, 2021 by Patrick Mallory

As data breaches and cyberattacks get more and more sophisticated and frequent, organizations are feeling the impact of a cyber skills gap even more acutely. 

Even if they have cutting-edge security tools and layered defenses, cybersecurity programs still rely on the experience and effort of security professionals. Unfortunately, the number of experienced and skilled cybersecurity professionals available in the job market is still well below the number of job vacancies. Research organization CyberSeek even calculated the demand outstripping the supply by over 300,000 unfilled cybersecurity roles in the United States.

According to a 2019 U.S. Bureau of Labor Statistics study, the problem is set to get worse before it gets better; demand for experienced cybersecurity professionals is expected to grow by 31% over the coming decade. The result is, based on one study, nearly three out of five cybersecurity professionals believing the cyber skills labor shortage has a “serious” or “very bad” impact on their work. 

With such an outlook, it can be easy for many organizations to just resign themselves to face the road ahead the best that they can. However, there are some innovative and creative programs out there with their cybersecurity talent initiatives working hard to close this skills gap. 

Whether you are looking to gain access to the newest pool of trained cybersecurity professionals or you are looking to break into the field yourself, here are five programs working hard to balance the supply with the demand.

1. The National Cyber Education program 

The National Cyber Education program is a public and private partnership managed by the National Cyber Group (NCG) with a mission to “build a team of cyber professionals who are prepared to meet the needs of our government, defense community and the private sector.”

The NCG works with its federal, state, local and private partners to develop and deliver the National Cyber Education program to K-12 schools across the country, currently serving 30 million students and connecting with 3 million teachers in its online education platform.

According to the NCG, the National Cyber Education program includes:

  • Core curricula cyber content for grades K-12
  • ‍Virtual professional development that improves educator abilities in delivering STEM and cybersecurity content co-curricular
  • ‍Transformative learning tools and curriculum for students to empower them to understand and solve tomorrow’s defining challenges (cybersecurity and beyond) via Discovery Education’s STEM Connect program
  • ‍A careers portal connecting students to cybersecurity opportunities in government and industry
  • ‍Regional conferences connecting guidance counselors, educators and industry professionals
  • Tools for cybersecurity industry partners to engage in their school communities through volunteerism and mentorship

The NCG also offers web-based career discovery tools with career vignettes and access to internship and career opportunities and a professional development aspect with virtual continuing education opportunities. The NCG also relies on the guidance of its expert advisory council to continue to refine the program and provide recommendations to further evolve the curriculum and job training efforts

2. The Cybersecurity Talent Initiative

The Partnership for Public Service graduated their first class of new cybersecurity professionals in federal security positions, a successful beginning to the Cybersecurity Talent Initiative. 

Launched in April 2019, this Initiative selects students from a “diverse cross-section of university graduates to gain cyber work experience in the public and private sectors.” Applicants should have completed a cybersecurity-related degree before the beginning of the twice-yearly program.

Upon completion of either the fall or spring session, which includes hands-on experience in public and private work situations and the assignment of a mentor, graduates can expect to receive up to $75,000 in student loan assistance and a two-year placement in a federal agency with cybersecurity needs. Federal partners include the U.S. Department of Defense, U.S. Department of Energy and Homeland Security, as well as the FBI and Office of Naval Intelligence.

At the end of their federal service, the participants will be invited to apply to full-time positions with the program’s private sector partners, where they can expect to receive further student loan assistance. Private sector partners include Workday, Microsoft and Mastercard.

3. The Aspen Institute’s Cyber & Technology Program

Although the world is a better place because of the rapid growth of technology, the Aspen Institute’s Cyber & Technology Program recognizes that we need “stronger and faster solutions to keep pace with the ever-evolving digital threat landscape.”

To do so, the Cyber & Technology Program offers educational resources, shares best practices across industries and encourages public and private organizations to adopt and implement principles to build a more robust pipeline for cybersecurity talent. These steps, known as the  Principles for Growing and Sustaining the Nation’s Cybersecurity Workforce, include, among others:

  • Changing job qualifications to elevate the importance of real-world skills
  • Rewriting job descriptions to appeal to more diverse job applicants
  • Drawing a transparent career path for cybersecurity workers
  • Launching apprenticeship programs to train candidates
  • Widening the aperture of candidate pipelines by not making degrees a mandatory requirement

To begin the program, the Aspen Institute has brought together a group of 15 major companies who have agreed to implement the principles. These initial members include Apple, Facebook, Google, PwC, Verizon, AIG and IBM.

4. Women in Cybersecurity

Founded in 2012, Women in Cybersecurity, or WiCyS, focuses on “the recruitment, retention and advancement of women in cybersecurity.” 

The program, supported by Tennessee Tech University and the National Science Foundation, includes both a membership program that helps with networking, career development and training, as well as many initiatives, a yearly conference and a mentorship program.

WiCyS also has its own “Job Board ++,” where members can search for and be recruited for an internship, full- or part-time positions and find support from several corporate strategic partners like Google, Cisco, Paloalto, Nike, AWS, Target and more.

These partnerships have also introduced collaborative training programs, including:

  • A national cyber scholarship
  • Google’s training scholarship
  • Target’s Gamified Cyber Challenge Experience
  • AWS’ Jam x Learning series

5. National Initiative for Cybersecurity Education

Like its Department of Commerce parent group, the National Institute for Standards and Technology (NIST), the National Initiative for Cybersecurity Education (NICE) is a partnership of government, universities and the private sector.

Founded in 2008, its mission is to “energize, promote and coordinate a robust community working together to advance an integrated ecosystem of cybersecurity education, training and workforce development.”

To achieve their goals, NICE sponsors a Federal Cybersecurity Workforce Summit, a webinar series, cybersecurity career awareness programs and a K-12 Cybersecurity Educational Conference. NICE also offers:

  • Free online learning content
  • Skills tutorials
  • Veteran resources
  • Research and whitepapers

NICE even hosts a National Cyber Signing Day where high school graduates who “commit to pursue a cutting-edge career in cybersecurity” are honored.

What’s ahead for cybersecurity?

In 2020, the U.S. Cyberspace Solarium Commission reported the cybersecurity talent shortage is driven “by a need for personnel that have specific cybersecurity skills and experience, but they are complicated by hiring, training and development pathways that are not well-suited to recruit and retain those personnel.”

In other words, if a dedicated commission created to “develop a consensus on a strategic approach to defending the United States cyberspace against cyberattacks of significant consequences” sees trouble ahead tied to training and development, we, as a profession, have to do something about future challenges.

That is why initiatives and opportunities like those offered by these five diverse organizations are so exciting. They breathe new life into a long-standing challenge with innovative ideas and creative programming.

Let’s all hope they continue to build momentum, inspire new cadres of security professionals and motivate other organizations to do their part to chip away at this collective obstacle. 

 

Sources

Information Security Analysts, Bureau of Labor Statistics

Cybersecurity Talent Initiative

Supply/demand heat map, CyberSeek

Cybersecurity Talent Initiative resolves to shrink cyber skills gap, student debt, Federal Times

National Cyber Education Program, National Cyber Group

NIST

The Cybersecurity Talent Initiative: Recruiting the next digital defenders, Partnership for Public Service

Minimize the impact of the cybersecurity skills shortage with artificial intelligence, SLASHNEXT

The Aspen Institute

U.S. Cyberspace Solarium Commission

Women in Cybersecurity

Posted: March 30, 2021
Articles Author
Patrick Mallory
View Profile

Patrick’s background includes Strategy and Cyber Risk Services consulting experience with Deloitte Consulting with both States and large Federal transportation and security agencies. He also served 3 years as a Deputy CIO for the City of Raleigh, where he assisted with the implementation of security policies, tools, and employee education initiatives as well as PCI, CJIS, and HIPAA compliance. He currently supports the IT infrastructure for the U.S. State Department.

Patrick also holds CISSP, CISM, and Security+ certifications as well as a PMP. He holds an MS in Information Technology – Cybersecurity and MS Public Policy from Carnegie Mellon University, where he assisted with graduate level teaching in the information security program.