Scholarships aimed at closing cybersecurity talent gap
Cisco, others hope to deepen pool of qualified workers through training
By Jaikumar Vijayan, ThirdCertainty
With the shortage of skilled cybersecurity professionals beginning to assume crisis proportions, some organizations have begun to take matters into their own hands to try and address the problem.
Cisco Systems has jumped on the bandwagon in a big way. The networking equipment giant last Thursday announced a new $10 million scholarship program under which it hopes to train up to 10,000 individuals for careers in cybersecurity operations.
Cisco’s Global Cybersecurity Scholarship program is open to those 18 years or older, who are proficient in English, have some kind of early career security certification under their belt or are military veterans.
The self-paced program involves some 85 hours of instructional study and includes a component where mentors will engage with students at an individual level to train them. Candidates who qualify for the program after a formal vetting process must commit to pursue a career in cybersecurity and be able to complete the training in three months. A college degree is not a requirement to participate in the program.
Individuals who graduate from the program will receive a Cisco Certified Network Associate (CCNA) Cyber Ops certification testifying to their readiness to assume an entry-level security analyst role. The program, according to Cisco, will prepare them to handle tasks like monitoring security systems, detecting cyber attacks, gathering, analyzing and correlating security data, and coordinating incident response.
Creating qualified workers
The scholarship initiative is a response to the deepening cybersecurity skills shortage, said Tejas Vashi, senior director at Cisco Services. “The whole idea behind this is to broaden the talent pool for the industry so customers, or anybody, can get their fair share of the available talent.” Vashi said. Cisco will work with other organizations to try and place candidates who successfully complete the course.
Vashi pointed to a recent study by the Information Systems Audit and Control Association (ISACA) showing growing concern within enterprises about the skills shortage impacting their ability to properly defend against threats. About 60 percent of the respondents in a survey of 461 security managers and practitioners, conducted by ISACA and security vendor RSA between November and December 2015, believed their information security could only handle basic security incidents.
About 62 percent said their information security team was understaffed compared to the 56 percent who had said the same thing in the previous year’s survey. But rather than budget constraints, respondents said their problems stemmed for the dearth of qualified professionals for their needs. Fifty-four percent of the respondents said it took their organizations at least six months on average to find a qualified candidate while 9 percent confessed to being unable to fill all available positions because of a lack of available talent.
Candidates lack skills
Disturbingly, the survey showed that an increasing number of individuals applying for open cybersecurity positions do not have the required qualifications for the jobs, Vashi said. Nearly six in 10 of the respondents in the ISACA and RSA survey felt that more than half of the people applying for cybersecurity jobs at their organizations did not have the needed skills for the job. That is up 10 percent from the 50 percent who had felt the same way a year ago.
The trend has put enterprises in a very awkward position, Vashi said. Even as threats are becoming more critical and the threat landscape has become much more complex, enterprises are coming up short in their ability to find people to help, he said.
With its program, Cisco has become part of a broader initiative that is being played out at the national level to bolster the availability of information security talent.
Public, private sectors seek talent
The Obama administration’s Cybersecurity National Action Plan (CNAP) that was announced earlier this year sets aside $62 million to prepare people for government careers in information security. A CyberCorps Reserve initiative established under CNAP offers scholarships for U.S. citizens wishing to pursue careers in cybersecurity within the federal government. The CNAP program also has put the U.S. Department of Homeland Security in charge of developing a Cybersecurity Core Curriculum to ensure that information security professionals joining the federal government meet certain baseline requirements.
One example of how the initiative will work is a $4.2 million scholarship program that is being rolled out at the University of Massachusetts Amherst for training up to 28 students in cybersecurity. Students who qualify for the program will receive a scholarship that covers tuition, fees, books, travel and health insurance. In addition, graduate students under the program will be eligible for stipends of up to $34,000 a year, while undergraduate students will be eligible for up to $22,500.
The program requires students to commit to working for at least one year in a federal, state or local government organization for every full year of scholarships that they receive.
Another example is the National Institute of Standards and Technology (NIST), which has a program called the National Initiative for Cybersecurity Education (NICE), under which it is working with private sector organizations, government agencies and academia to develop training and work force development programs in cybersecurity.
One example of an organization in the private sector that has embarked on a mission similar to Cisco’s is Hewlett-Packard. The technology giant has a program under which it is offering scholarships ranging from $5,000 to $10,000 to women studying for bachelor’s and graduate degrees in information security. Partnering with HP in Scholarships for Women Studying Information Security (SWSIS) program is Applied Computer Security Associates (ACSA) a nonprofit group of information security professionals.
The National Initiative for Cybersecurity Careers and Studies maintains a list of some other scholarships and training programs available to individuals interested in information security careers.
More stories related to cybersecurity jobs:
Three steps to fixing the cybersecurity talent shortage
Brown University launches milestone executive cybersecurity program
Academia tries to ease shortage of cyber sleuths