Comprehensive software reviews to make better IT decisions
Train to Gain: Training the Next Generation of Cybersecurity Professionals
Trying to fill a cybersecurity position? Chances are you are having difficulty finding a candidate, let alone a qualified one. With 3.5 million cybersecurity job vacancies expected by 2021, the quick demand for cybersecurity professionals has had industries scrambling to catch up.
To counter the worldwide shortage, many governments have collaborated with educational institutions to develop and integrate cybersecurity curriculum in K-12 institutions and colleges. With the overall goal of engaging and offering younger generations educational cybersecurity resources, the hope is that they will further pursue it as a profession.
However, while educational programs do provide the foundational skills and theory for a profession in security, education alone does not promise for the output of high-quality cybersecurity professionals. Academia often struggles to keep up with the evolving cybersecurity landscape, and employers often note that the technical and soft skills learnt in education programs lack real-world application. Therefore, government and educational intervention may not be enough to counter the cyber talent shortage. Rather, corporate training opportunities must also be included in the equation.
Big technology firms acknowledge the importance of industry training in closing the cyber talent shortage and developing world-class cyber professionals. For example, over the next four years, IBM will be investing a large part of one billion dollars to cybersecurity-specific skills training and development for the US workforce. The initiative involves funding high school students in STEM fields to earn an associate’s degree free of charge as well as offering opportunities to intern at IBM during their academic careers and work at the company upon graduation.
Verizon has taken a similar stance on closing the cyber skills gap with corporate training but has decided to invest in its own employees. Applying its philosophy of using non-traditional routes such as classes with certifications and on-the-job training, it has announced a large-scale employee training initiative for 2,000 people in cybersecurity. The initiative will involve a self-paced, online cybersecurity course based on role (i.e. wireless sales, product, and security sales), and will emphasize connections between cybersecurity and business operations.
- Leverage the NICE Cybersecurity Workforce Framework in education and training initiatives.
The NICE Cybersecurity Workforce Framework (NCWF) is a cybersecurity workforce guide that provides employers, educators, and students a list of baseline skill standards for cybersecurity roles across all industry verticals. With the overall aim of increasing awareness of the knowledge, skills, and abilities (KSAs) that are valued and in-demand of common cyber roles, it is hoped that the framework will improve communication on how to identify, recruit, develop, and retain cybersecurity talent.
- Research online resources to recommend to employees interested in cybersecurity.
Several resources exist for employees wanting to enhance their skill sets in cybersecurity. Resources like Cybrary, the SANS Institute, and eLearnSecurity offer a range of security training at varying proficiencies. Be sure to also check out government resources online.
- Look for transferable capabilities.
Deloitte Canada suggests that using a human-centric framework focused on soft skills can enable businesses to move past the talent shortage. Having developed a list of seven personas that represent the faces of cybersecurity (e.g. strategist, advisor, sleuth, defender, scientist, hacker, firefighter), with each associated with a list of transferable capabilities, Deloitte believes that people matching these personas can be molded into security roles to fill the talent void.
The cybersecurity talent shortage is only expected to widen in future years and employers must be cognizant that government and educational efforts alone will not be enough to close the cyber talent gap and develop world-class cybersecurity professionals. To prepare for the challenges ahead, employers should investigate whether they are able to offer cybersecurity training opportunities for students and in-house employees.
Want to Know More?
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
OneTrust challenges the antiquated idea of data privacy and artificial intelligence (AI) as stark opponents, with the introduction of OneTrust Athena, the vendor’s AI and robotic automation-powered platform.
Configuring online learning can take time and resources not all organizations have, especially during the COVID-19 pandemic. D2L is assisting with this through a Quick Start Care Package to help organizations rapidly transition to online learning.
What is changing in the HR technology space as a result of COVID-19? Some organizations are seeing an uptick in interest and customer support, while others are providing free access to their product.
Startup security vendor SECURITI.ai wins RSAC “Most Innovative Startup” at the RSA Conference 2020 Innovation Sandbox Contest.
Cornerstone is acquiring Saba, a learning management system, to further invest in its learning offerings and gain reach in the market. With this acquisition, the organization intends to accelerate product development.
Cornerstone acquires Clustree to incorporate AI into its learning solutions. As a result, Cornerstone’s Learning Suite displays deep knowledge of employee skills, which can inform promotions or job changes, areas for learning, and recruiting decisions.
This is the third maintenance release since Sakai 19 was released in spring 2019. Thanks to its open-source community, Sakai is continuously providing fixes, security updates, and improvements to its users.
Osano recently released its SaaS privacy solution aimed at simplifying compliance and vendor assessments. The product feels familiar, but Osano’s ethical commitment sets it apart from the crowd.