How to Foster the Next Generation of Cyber Warriors

March 1, 2018

Today, cyber breaches cost the U.S. more than $100 billion a year. While organizations are actively procuring new cybersecurity technology, they’re not investing enough in people, skills and talent. And according to ISACA, a non-profit information security advocacy group, a global shortage of two million cybersecurity professionals is expected by 2019.

Attracting and retaining cybersecurity professionals is more critical than ever, and building the next generation of “cyber warriors” to protect our technology infrastructure will ultimately rely on one thing – education.

Cybersecurity should be top of mind for most institutions, and education is no exception. In fact, specialized areas like cybersecurity and data analytics have become some of the most popular disciplines in online education. Whether it’s a brick and mortar institution, an online degree program or an industry certification, cybersecurity education is on the rise – and just in time.

As cyber professionals and security leaders, we need to know how a strong cyber curriculum can stay ahead of the curve and evolve with today’s changing technology – every step of the way.

Introduce Cybersecurity into All Disciplines

The basics of cybersecurity should be embedded into general education requirements just like the fundamentals of mathematics and language arts. As users of devices and the internet, we’re all vulnerable to risk today and need to know the basics of privacy and security.

Since cyber safety touches nearly every industry, awareness and education is critical for all students, regardless of their chosen field of study. But some areas, particularly healthcare and Industrial Control Environments (ICS), are becoming increasingly vulnerable to the cyber risks of IT systems, viruses and ransomware, and training cyber professionals to manage these risks will be more critical than ever.

Balance the Technical vs. Non-Technical

Risk management, data mining, physical security and statistical analysis are just some of the technical courses generally required in a cyber curriculum, but a non-technical skill set can be just as valuable to a career in the cybersecurity field. Strong non-technical skills provide a unique perspective that can enhance the capability of an IT team, while enabling the technical skilled team to focus on what they do best. Designing a curriculum that also addresses non-technical skills adds a broader capability to the technical team, offering a different perspective that is aligned with the business strategy, and provides valuable resources to aid in the minimization of critical tasks.

Leverage the Right Certifications

Not all cybersecurity jobs require a four-year degree. In fact, many IT positions today only require an industry certification. Recommended certifications include Security+, Systems Security Certified Practitioner (SSCP), Network+, Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP) and the GIAC Penetration Tester (GPEN). Hands-on certification programs can equip professionals with the specialized knowledge they need to pursue a career in cybersecurity as a security analyst, security specialist, certified penetration tester and certified ethical hacker.

Align Curriculum with National Cybersecurity Guidelines

To keep up with the demand for new cybersecurity workers, agencies like the Department of Homeland Security (DHS) and National Security Agency (NSA) are supporting initiatives for open cybersecurity education. From elementary to the postgraduate level, we’ll see a greater focus on the science, technology, engineering and math (STEM) disciplines.

Currently, the NSA and DHS are jointly sponsoring the National Centers of Academic Excellence in Cyber Defense (CAE-CD) to allow participation from four-year colleges, graduate-level universities and Department of Defense schools as designated by the Carnegie Foundation Basic Classification system. To date, more than 200 universities (out of the estimated 5,300 in the U.S.) have achieved the CAE-CD designation. This process includes an application checklist to assess the strength of the institution cybersecurity curriculum, which is followed by an independent assessment by a qualified cybersecurity professional to determine the rigor of the curriculum offered to the students.

National cybersecurity competitions and cybersecurity scholarships tied to future service and the formation of cybersecurity centers of academic excellence in colleges and universities also support the concerted approach to an open education cybersecurity curriculum.

We live in a digital culture full of benefits and risks, which is why we need a robust legion of cyber warriors at the ready. Providing them with the best education and hands-on training and experience will be one of our strongest lines of defense in protecting our technology infrastructure.

Kenneth L Williams, Ph.D. CISSP, is director of the Center for CyberDefense at American Public University System. As a member of the National CyberWatch Center's (NCC) Curriculum Standards Panel, he is helping to develop the nation’s first Open Education cybersecurity curriculum.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 November

This month, Security magazine brings you the Security 500 Report, Rankings and Thought Leader Profiles. How does your enterprise compare to others? Which security programs are leading the way? Also this month, we highlight how to plan, prepare for and build resilience to protests and other unplanned events, video surveillance tools for SMBs and more.

View More Create Account

How to Foster the Next Generation of Cyber Warriors

Related Articles

Related Products

Related Events

Report Abusive Comment