The UK government’s “Fatima” cybersecurity career advert last month, in which a poster of a ballet dancer was accompanied by the caption her “next job could be in cyber – she just doesn’t know it yet,” led to widespread criticism for its insensitivity towards the arts, which has been hit especially hard by the COVID-19 pandemic. Yet its core message, that those working in other industries should consider retraining for a career in cybersecurity, has some merit, particularly in light in the huge job losses in many parts of the economy this year. Even prior to COVID-19, the skills shortage in IT security was estimated to be in excess of four million, and the growing reliance on digital technology, including through remote working since lockdown measures were introduced, has only further exacerbated the demand for cybersecurity roles.
Ensuring a wider pool of talent enters the sector is therefore vital to addressing this skills gap, and that is a key purpose of Staffordshire University’s Cybersecurity BSc (Hons) degree. The UK university has been one of the first to offer a focused undergraduate course in this area; this goes against the grain to some extent, with cybersecurity professionals’ educational backgrounds often residing in more general IT subjects such as computer science. Dr Vahid Heydari, cybersecurity course leader at Staffordshire University London, commented: “The more focused cybersecurity course is getting greater appreciation from the industry. We know the current market for jobs in this field and one thing our students think about is making themselves as employable as possible after graduating. So that makes a more focused course more attractive because as soon as they get a cybersecurity degree there is a huge pool of jobs to apply for.”
With this point about future employment prospects in mind, Staffordshire aims to attract students from a vast range of backgrounds to its cybersecurity course, including from humanities and the arts. For this reason, the first year of the course provides a foundation in the subject, including in computing and maths. “We have students with history and arts backgrounds, but at some point in time, because of the job market and landscape, they decided to do a cybersecurity course and that’s why we don’t make assumptions in regard to their programming and maths skills,” explained Dr Heydari.
“We have students with history and arts backgrounds, but at some point in time, because of the job market and landscape, they decided to do a cybersecurity course”
The university therefore pursues a range of outreach programs to schools and colleges, and has a particular focus on diversity and inclusion to encourage women and members of the BAME community, typically underrepresented in cybersecurity, to enrol. For instance, Dr Heydari highlighted that Staffordshire offers additional language courses to those for whom English is not their first language.
Staffordshire University’s campus in London, where Dr Heydari is based, is in an ideal location from a cybersecurity point of view. It is based in the Queen Elizabeth Park in Stratford, on the doorstep of the London Office for Rapid Cybersecurity Advancement (LORCA), a government-backed program that aims to act as a launch-pad for cyber-companies through innovation and commercialization consultancy, product development and access to industry. The program has surpassed expectations during its first two years, already raising over £150m in investment in that time.
This provides cybersecurity students with great opportunities. This is primarily in the form of guest speakers and the ability to establish good connections in the sector, and Dr Heydari noted that “students with good ideas are coming out of this degree and use this link to LORCA to connect themselves in cybersecurity.”
In terms of the course structure, which has been accredited by the British Computing Society (BCS), Dr Heydari explained that it has tailored its content around the National Cyber Security Centre (NCSC)’s Cyber Security Body of Knowledge (CyBOK) project. This seeks to codify cybersecurity knowledge and has been agreed upon by major universities and industry. With these principles in mind, Staffordshire’s course is divided into 12 modules, four per year across the three years. As alluded to earlier, the first year primarily gives a foundation in computer science and mathematics, before a much greater focus on cybersecurity in the second year. There is more flexibility in the third and final year, in the form of the students’ chosen project. There is also an ‘Advanced Topics in Cybersecurity’ module in the final year, which Dr Heydari said “is important because the future in our minds will have two angles: one is AI and the other is cybersecurity, so this module bridges AI motion learning techniques and the latest advancements in relation to cybersecurity.”
Fundamentally, focused cybersecurity courses are likely to become increasingly important in the years ahead as jobs in the sector continue to surge, in stark contrast to many other industries. Dr Heydari highlighted the huge range of opportunities available to graduates in this area. “If you’re interested in the less technical side of the industry and more human-oriented aspect of cybersecurity, there are lots of opportunities with law agencies. Cybersecurity human factor is another angle, including risk management and governance,” he outlined.
“Those who are interested in the technical side of the industry can go for security roles from engineer to manager – any role involving IT security. They deal mainly with the more technical side of the story like distributed systems, security malware and network security measures.”
Dr Heydari noted that other students won’t necessarily pursue a career directly in cybersecurity, and instead move into areas like software development, for which they will have a distinct advantage. “The good thing is that these people already have a cybersecurity manual in their mind when they face IT problems, which is beneficial to their employers,” he added.
The concept of a focused cybersecurity degree is still a relatively novel one, and Dr Heydari acknowledged there remains some scepticism about its merits. However, the benefits are becoming increasingly apparent – both for organizations across all sectors that need skilled IT security personnel as they move to greater digitalization, and for students themselves, to enhance their future employment prospects in the midst of a global economic crisis.