Filling the Cybersecurity Talent Shortage: An Educator’s Perspective
We’re one month into a new year, and I thought it would be a good idea to highlight a common concern from previous years that should be top of mind for all, particularly in the area of cybersecurity. This concern is focused on the cybersecurity talent shortage of professionals in the workforce. In 2023, the cybersecurity talent shortage reached new levels (4 million to be exact), and there doesn’t appear to be any signs of this trend slowing down.
As organizations continue to struggle to hire and maintain employees focused on the mitigation of cyber risk events for organizations and institutions, there has been a steady increase in enrollment for cyber-related degrees. There are a few cybersecurity jobs that require a high school diploma, however, a degree in cybersecurity can ensure adequate salary and growth opportunities for the future.
As educators, we have to be prepared to meet this demand by ensuring students are ready to hit the ground running once they walk across the stage and obtain their degrees. Chances are, there will be opportunities waiting for them soon after they graduate. However, in the meantime, I would like to highlight some potential trends that educators should be prepared to address as the media, guidance counselors, family members, and other influential figures in a student’s life encourage a career path in cybersecurity starting with formal education.
Professional Certifications: Key Skills and Knowledge Required in Cybersecurity
Without fail, in every course that I teach, there are students who inquire about cybersecurity certifications. There are always varying opinions on certifications, however, my advice to students is to obtain their degree first, and then determine which career path to pursue. In some instances, a job opportunity will guide a student to a certain career path which may provide clarity on a certification to pursue.
Adding a certification to a cybersecurity degree creates a bridge to the future in terms of a career path. We can all agree that technology is constantly changing, and a degree will provide critical thinking skills and collaboration, while a certification will ensure a student’s skills are constantly updated based on the need to recertify every 2-3 years. Also, in terms of a cybersecurity degree, a student will be able to take advantage of cyber security internships or technical associate programs that in most cases lead to permanent job opportunities.
When providing advice to students about certifications, I try not to focus on a specific vendor or product-related certification. I always encourage students to explore various options based on where they would like to be in 3-5 years.
Emphasize on Hands-On Experience in Your Coursework
It’s safe to say that many students new to the area of cybersecurity will not have any experience at all in the field, and that’s perfectly fine. It’s always good to start with the basics of confidentiality, integrity, and availability in terms of theory, and hands-on labs. Many publishers offer online cloud-based cybersecurity labs where students can become immersed in a “real world” environment to solve a problem. Labs provide a safe environment for students to experiment and explore.
Additionally, the benefit of online cloud-based labs is that the students are not required to install any software on their personal machines if they are attending courses online. Instead, a virtual environment is spun up that reinforces fundamental cybersecurity concepts as well as network troubleshooting and risk management.
When incorporating labs into your courses, I highly suggest that you perform a test run of each lab. This ensures that you can identify any issues before the class begins, and you will be able to answer any questions based on your exposure to the lab material. During my teaching tenure, I’ve administered labs during in-person classes where I’ve had to keep a gold image of each machine in the classroom in the event that something goes awry with a student's lab, or the host machine. I will tell you that cloud-based virtual labs have been a game changer. If something goes wrong, you can terminate the session and start over. No more hard drive imaging. After all, it is the 21st century.
In some instances, you may encounter several students who have hands-on cybersecurity experience and would like to pursue a degree for career advancement. I’ve found that labs level the playing field to ensure that everyone learns a common way to solve a problem, mitigate risk, or master a key concept from your course material. It’s always a good idea to understand what skill sets your students have. This will allow you to tailor your course content based on the audience. This approach may be second nature to many educators, but I wanted to emphasize this approach to any new cyber educators just starting their careers.
Educators are Learners, Too
As previously mentioned, it’s important to test drive labs before students begin using them to ensure that everything is working properly. It’s also important to note that we as educators should constantly look to upskill as well in various areas of cybersecurity.
I’ve learned over the years that it’s critical to keep my skills relevant with new material for teaching. As cybersecurity educators, we have to stay on top of trends to prepare students for their careers. Applying logic, it’s not too far-fetched to assume that a shortage of cybersecurity professionals can easily align with a shortage of cybersecurity educators.
As an educator, credentials and experience are imperative. To stay relevant in the field of education, it’s a good idea to stay abreast of new technology and cyber risk events. Conducting this research and self-development will not only ensure that you are giving students the best education, but you are also staying relevant in an industry that will see a shortage of talent for years to come.
As I always say, if you build a 10-foot wall, someone is already working on building an 11-foot ladder. Therefore, it’s crucial to keep in tune with the latest cybersecurity developments and skills.
The cybersecurity talent shortage should be top of mind for all educators, and we must prepare for an increase in enrollment by becoming career counselors and not being afraid of getting our hands dirty to learn new skills.
Expanding Your Cybersecurity Education Program
As a cybersecurity educator, you don’t have to grow your program alone. In "Expanding Your Cybersecurity Education Program," you’ll get all the most up-to-date guidance, information, and resources needed to scale your cybersecurity program no matter where you teach, freeing you up to do what you do best: Teach your students.
Download the GuideAbout the Author:
Rodney F. Davis is an adjunct professor at Syracuse University’s College of Professional Studies where he teaches courses focused on Enterprise Risk Management, Cybersecurity, Networking, Forensic Accounting (Fraud Prevention), and Vendor Risk Management. Rod has a total of 29 years professional experience, 27 of which are focused on operational risk, regulatory oversight, technology, and cyber security within the financial services industry. Rod is also a member of an international team of cyber risk professionals responsible for creating and approving certification exam items for ISACA (Information Systems Audit and Control Association).
Related Content: