The (ISC)2 Foundation and University of Phoenix recently conducted a National Roundtable on Cybersecurity Workforce Competencies. At the (ISC)2 Congress, co-located with ASIS International, in Atlanta, a panel discussed the roundtable findings and the steps being taken by the educational institutions developing tomorrow’s cybersecurity talent.
The 15 cybersecurity experts and thought leaders who took part in the roundtable identified three main gaps in the cybersecurity workforce readiness: The competency gap; the professional experience gap; and the speed-to-market gap.
All too often, commented moderator Rico Singleton, director of technology at the Apollo Education Group, “Hiring managers expect a portfolio of experience in order to hire into a position”, meaning that it’s very difficult for graduates to get their first role. “It’s a chicken and egg situation”, he commented.
Recommendations for higher education institutes to address the competency gap include integrating problem-based learning and the promotion of personnel effectiveness and soft skills.
“A strategic and tactical knowledge balance is essential to bridging this gap”, said Dr Diane Murphy, professor and chair of information technology and management science at Marymount University.
Further recommendations included ensuring alignment with industry certifications, and emphasising and encouraging workforce experience and internships.
Dr Vernon Ross Jr., director of STEM, generations and higher education at Lockheed Martin Corporation, spoke of the Lockheed Martin internship program.
“Lockheed formed an alliance with 18 different vendors and organizations, including (ISC)2, McAfee, Dell and Microsoft to build a cyber-centre, and we have partnered with universities with strong cybersecurity programs to work on the curriculum.” Further, Lockheed Martin has given out Masters scholarships to undergraduates to pursue a Masters degree in cybersecurity. “Those individuals then intern with Lockheed after their degree and – depending on performance – are guaranteed a full-time position afterwards.”
This partnership with academia has paid off, he explained, as it fuels the Lockheed talent pipeline. “There’s a war on talent so it’s incumbent on Lockheed Martin to do the best we can with the summer intern program”.
Addressing the aforementioned alignment with industry certifications, Dr Rae Hayward, senior manager of education programs at (ISC)2 explained that certification and education go hand in hand. “Certification validates the knowledge that people have and is a marker for who is qualified to go out in the workplace.”
There’s a war on talent so it’s incumbent on Lockheed Martin to do the best we can with the summer intern programDr Vernon Ross Jr., director of STEM, generations and higher education at Lockheed Martin Corporation
(ISC)2, explains Hayward, has introduced a strategic initiative for global academic partnering with universities to incorporate curriculum into their education programmes. “This means that students are qualified to take certification exams once they graduate. We offer scholarships too”, she added.
Dr Vernon Ross Jr. reinforced the importance of certifications. “The DoD requires certification on a certain level. Some of our customers also stipulate that individuals working on their programs must be certified.” To put this into context, he admitted that over the last few years, Lockheed Martin has won $5bn of cybersecurity work due to being able to demonstrate a certified workforce.
Murphy encouraged organizations to consider offering scholarships where possible. “It’s also a great PR opportunity”, she said.
Singleton also outlined the recommendations given to both employers and industry associations in order to close the professional experience gap:
For employers:
- Promote higher education partnerships
- Develop and fund experiential programs
- Hire interns
For Industry Associations:
- Support student memberships
- Conduct chapter outreach
- Increase industry access
- Share standards and best practices