Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security NewswireCybersecurity News

How Cybersecurity Education Aims to Fill the Talent Gap

By John R. South
Cybersecurity Education
John South
Cybersecurity Education
John South
November 2, 2015

The future of cybersecurity in America is in the hands of current and future cybersecurity officers.

Chief security officer is now one of the fastest-growing careers in the cybersecurity space, and colleges and training programs cannot keep up with the growing demand. There are about one million job openings today, and the Bureau of Labor Statistics projects an even greater shortage in the information technology (IT) workforce by 2020. It’s expected that there will be 1.4 million openings, but only 400,000 computer science graduates with the necessary skills to fill the positions.

But hiring managers are already feeling the effects of the lack of qualified cybersecurity candidates. According to a recent 451 Research study, slightly more than a third – 34.5 percent – of security managers cited lack of security expertise as a reason to why they could not fill open positions.

To meet the growing demand and better equip those who are seeking careers in cybersecurity, more colleges and professional organizations are beginning to add degree courses and certificates to their course offerings. The industry is also seeing new certifications available to security practitioners. For example, the Cloud Security Alliance announced in April that it is offering the certified cloud security professional designation.

 

The Professional Drought

The number of data breaches tracked in the U.S. by the Identity Theft Resource Center (ITRC) has jumped from 157 in 2005 to 783 breaches last year, a 200-percent increase over 10 years. The ITRC defines a data breach as “an incident in which an individual’s name plus a Social Security number, driver’s license number and medical or financial record (credit/debit cards included) is potentially put at risk because of exposure. This exposure can occur either electronically or in paper format.”

There have already been 450 breaches and 135,257,677 records exposed this year, according to the ITRC. Between 2005 and July, 28, 2015, the number of breaches total 5,377 and records exposed equal 786,098,214.

While the surge in breaches has been incredibly steady over the last decade, a large number of CEOs and other executives seemed to have only realized within the last few years the value in hiring a senior cybersecurity expert to lead their security programs, thus creating a drought in job pool that was already small.

PwC found a rising concern in cybersecurity threats among the 500 U.S. executives, security experts and others from the public and private sectors who participated in the “2015 U.S. State of Cybercrime Survey.” Of those polled, 76 percent said they are more concerned about cybersecurity threats this year than in the previous 12 months, up from 59 percent in 2014.

And the concern matches an increased investment. Of the U.S. CEOs surveyed in March by the accounting firm BDO USA, LLP, 67 percent said they’ve dedicated more money to cybersecurity measures in the past 12 months. Of the CFOs who upped spending, 90 percent implemented new software security tools and 72 percent created a formal response plan to deal with breaches. Almost half of them turned to external security consultants, while 30 percent hired a chief security officer.

Gartner, a technology research advisory firm, has seen an uptick in spending over the last few years. Businesses and governments around the world spent $71.1 billion safeguarding their data in 2014, up 7.9 percent from a year prior. The IT research firm sees that rate accelerating this year to 8.1 percent, for a total of $76.9 billion. That number is expected to grow to $155 billion by 2019, according to research firm MarketsandMarkets.

Addressing the Demand

The job growth rate for information security analysts is higher than the average for other occupations. Over the last five years, there’s been a 90 percent increase in demand for cybersecurity professionals, which is three times the field’s growth, according to Burning Glass Technologies. The high job growth rate, in turn, is driving a sudden boom in the demand for cybersecurity education, which has higher education institutions studying how to address this demand. According to the Center for Homeland Security and Defense, there are 744 higher institutions that offer programs awarding certificates to doctoral degrees in the industry. The Center for Systems Security and Information Assurance, which provides students with real-world learning experiences in information assurance and network security, has instructed more than 2,000 teachers and college faculty in cybersecurity-related areas since 2004.

As higher education leaders are increasing their program offerings in cybersecurity, some can look to breaches at their own institutions to test their students’ training.

In July, Harvard University discovered “an intrusion” on its computer networks which was made June 19 and affected two IT systems that impacted eight colleges and administrations. Officials with Pennsylvania State University’s College of Engineering said it suffered years-long data breaches traced to China. In December 2010, Ohio State University notified thousands of students and faculty members that their personal information was compromised by hackers who broke into a campus server. Also in 2010, thieves stole $1 million from the University of Virginia after compromising the computer belonging to the university’s controller.

With cyberattacks on the rise at colleges and universities some of the unfilled jobs are right on campuses. But with nearly one million unfilled jobs in the industry, students graduating with a degree in cybersecurity can almost write their ticket to gainful employment. U.S. News and World Reportranked a career in information security analysis eighth on its list of the 100 best jobs for 2015. Editors state the profession is expected to grow at a rate of 36.5 percent through 2022. Average salaries nationally are $91,210, and significantly higher in big cities including San Francisco at $112,320, New York City at $120,460 and Sacramento at $142,200. Founders of successful cybersecurity firms and chief information security officers at large corporations can make as much as $500,000 a year.

 

Program Anatomy

While the choices in programs are vast, Ponemon Institute, a research center dedicated to privacy, data protection and information security policy, ranked the top-rated schools for cybersecurity in the “2014 Best Schools for Cybersecurity” report. IT professionals took a deep dive into programs and looked at more than 400 schools, ranging from two-year colleges to doctoral programs, determining the best programs based on: academic excellence; practical relevance; program faculty's experience and expertise; experience and background of students and alumni; and professional reputation in the cybersecurity community.

 

The following 12 schools ranked the highest:

1.         University of Texas, San Antonio

2.         Norwich University

3.         Mississippi State University

4.         Syracuse University

5.         Carnegie Mellon University

6.         Purdue University

7.         University of Southern California

8.         University of Pittsburgh

9.         George Mason University

10.       West Chester University of Pennsylvania

11.       U.S. Military Academy at West Point

12.       University of Washington

 

Ideally, the end goal for college students and professionals seeking cybersecurity degrees and certificates should be to pass the Certified Information Systems Security Professional (CISSP) exam. The CISSP credential is a common denominator among most security professionals.  It is often the ticket that opens the door from a security opportunity, particularly if the practitioner is relatively new to the profession.

A curriculum for college students and professionals seeking cybersecurity degrees and certificates varies by school. For example, at the University of Tampa, where students can either major or minor in cybersecurity, the course load focuses on both the fundamentals of information systems, as well as, advanced topics in areas, such as network security, cryptography, risk management, security governance, business continuity, security architecture, physical security and critical infrastructures. The program also specifically states it prepares students for the CISSP exam.

Utah Valley University’s new cybersecurity program features five stackable tracks with varying employment level goals in mind. The “stackability” depends upon a student’s desired education and career choices.

And a number of four-year institutions, including Georgia Tech, Georgetown, Drexel and Villanova universities and NYU Polytechnic School of Engineering, are offering cybersecurity certificates rather than degrees.

The United Kingdom mandated in June that any student majoring in computer science or IT must also take cybersecurity courses to address a critical skills shortage in cybersecurity by ensuring more than 20,000 computer science graduates a year study the subject. The directive went into effect in September with a two-year “grace period” for universities to comply with the new teaching criteria.

Realizing the need for cybersecurity experts will not wane anytime soon, the National Security Agency (NSA) and the National Science Foundation (NSF), are trying to get ahead of the demand. The NSA and NSF allocated $4 million this year to run 43 GenCyber summer programs for 1,300 middle and high school students. Students enrolled in GenCyber at universities in 18 states learn about online threats, basic cyber defenses and the ethics of operating in the virtual world.

           
Funding a Secure Future

The majority of cybersecurity education funding comes from the federal government, through various organizations and agencies. Leading the funding charge is the NSF, an independent federal agency that supports fundamental research and education across all fields of science and engineering. In 2014, the NSF awarded $74.5 million in Frontier grants for more than 225 new projects in 39 states. The cybersecurity research and education projects are aimed at minimizing the misuses of cyber-technology, bolstering education and training in cybersecurity, establishing the science of security and transitioning promising cybersecurity research into practice.

In January, the U.S. Department of Energy provided a $25 million, five-year grant to support the creation of cybersecurity education at 13 historically black colleges and universities, two national labs and a K-12 school district.

Some private foundations are supporting cybersecurity education programs. For example, in 2014, The William and Flora Hewlett Foundation announced the distribution of $45 million in grant funding to develop a “marketplace of ideas” for the study of cybersecurity.

The future of cybersecurity in America is in the hands of current and future cybersecurity officers. But until we figure out how to stay one step ahead of hackers, the demand for the best and brightest in the field will continue to increase, resulting in more dollars pumped into the industry.  Unfortunately, faith is slim when it comes to a belief that we can keep cyberterrorists at bay if we cannot bring an increasing number of qualified security professionals into our programs. Sixty-one percent of 1,642 people surveyed by The Pew Research Center and Elon University’s Imagining the Internet Center believe a major cyberattack will happen by 2025, causing widespread harm to a nation’s security and capacity to defend itself and its people. Only a swift increase in the number cybersecurity professionals and a corresponding swift reduction in the number of attacks will restore faith in our ability to effectively fight cybercrime.

KEYWORDS: cyber security education security career security education security talent gap

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

John south

As executive vice president and chief security officer at Heartland, one of the nation’s largest payment processors, John R. South manages all aspects of information security—leading the company’s internal risk assessment programs, which includes protecting sensitive data through risk and threat modeling.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Coding on screen

Research reveals mass scanning and exploitation campaigns

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • cybersecurity-talent-shortage-fp1170b47.jpg

    Why the cybersecurity talent gap exists and how to solve it

    See More
  • cyber 3 responsive default

    Department of Defense and National Security Agency announce new cybersecurity initiative aiming to close the cybersecurity talent gap

    See More
  • cyber security talent gap initiative

    Cybersecurity Talent Initiative announces first class; calls for second class to reduce cybersecurity talent gap

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing