CybersecurityClosing the Skills Gap in the Cyber Workforce
There are currently more than three million unfilled cybersecurity jobs globally, and, as high-profile incidents like the Solar Winds attack demonstrate, it is vital to address that shortage. But it is difficult for organizations to find and recruit the cyber talent they need.
Gather any group of industry and government leaders concerned with the security of their online systems (and who isn’t?), and you’ll hear a common refrain: it’s difficult for organizations to find and recruit the cyber talent they need. Most sources agree that there are currently more than three million unfilled cybersecurity jobs globally, and, as high-profile incidents like the Solar Winds attack demonstrate, it is vital to address that shortage.
When SecureWorld, a group devoted to exploring global IT security issues and sharing critical knowledge and tools needed to protect against ever-evolving threats, convened an expert panel last month to discuss the state of the cyber workforce, they invited Nasir Memon, Vice Dean for Academics & Student Affairs, Head of Tandon Online, and a Professor of Computer Science at NYU Tandon. Memon had introduced cybersecurity studies to NYU Tandon back in 1999 and had been responsible for launching the school’s Offensive Security, Incident Response, and Internet Security (OSIRIS) Lab; CSAW, the world’s largest student-run cybersecurity competition; and the Tandon Bridge program and Cyber Fellows initiatives, aimed at attracting nontraditional students to STEM fields. Memon also helped found NYU’s Center for Cyber Security, an interdisciplinary institute dedicated to training cyber professionals
Among the major points Memon made in his presentation at the SecureWorld event:
· Private industries and government agencies must partner with institutions of higher learning to eliminate any disconnect between traditional academic approaches and their current needs: such partners can highlight gaps in the curriculum, point out new trends and needed skillsets, advise on course development and research activity, and engage directly with students as mentors and guest lecturers
· There must be a wide variety of pathways into the cybersecurity workforce for people in underrepresented groups or for those who lack traditional STEM-focused backgrounds
· Educators must employ different formats and methods for different groups, such as offering certificate programs to mid-career professionals and entry-level bootcamps
· Employers should seek to recruit from internal departments such as Audit, Compliance, Operations, and IT, whose members may have an interest in and aptitude for cybersecurity; with upskilling, they can also serve as carriers of organizational culture, extending a company’s cyber mindset and mandate
The panel was moderated by Joel Caminer, Senior Director of Cybersecurity Education at NYU Tandon, who pointed out that its members had all forged valuable partnerships with the school, giving their time and expertise to the NYU Tandon Online Advisory Council, supporting the Industry Partner badge initiative, and spreading the word about Tandon’s high-quality master’s program.
Other participants in the panel discussion:
· Geoff Brown, CISO of City of New York and Head of NYC Cyber Command, who noted that public service can be an exceptionally gratifying career path for cybersecurity professionals, allowing them to defend the defenders.
· Jim Routh, Private Sector Security and Risk Advisor, who advised hiring managers to snap up cybersecurity talent as soon as they come across it — whether there are open positions or not.
· Liat Krawczyk, AVP of Emerging Tech at the NYC Economic Development Corporation, who emphasized the need for educational institutions to teach both technology knowledge and soft skills so graduates are ready to dive immediately into their vital new roles.