Comprehensive Software Reviews to make better IT decisions
Train to Gain: Training the Next Generation of Cybersecurity Professionals
Trying to fill a cybersecurity position? Chances are you are having difficulty finding a candidate, let alone a qualified one. With 3.5 million cybersecurity job vacancies expected by 2021, the quick demand for cybersecurity professionals has had industries scrambling to catch up.
To counter the worldwide shortage, many governments have collaborated with educational institutions to develop and integrate cybersecurity curriculum in K-12 institutions and colleges. With the overall goal of engaging and offering younger generations educational cybersecurity resources, the hope is that they will further pursue it as a profession.
However, while educational programs do provide the foundational skills and theory for a profession in security, education alone does not promise for the output of high-quality cybersecurity professionals. Academia often struggles to keep up with the evolving cybersecurity landscape, and employers often note that the technical and soft skills learnt in education programs lack real-world application. Therefore, government and educational intervention may not be enough to counter the cyber talent shortage. Rather, corporate training opportunities must also be included in the equation.
Big technology firms acknowledge the importance of industry training in closing the cyber talent shortage and developing world-class cyber professionals. For example, over the next four years, IBM will be investing a large part of one billion dollars to cybersecurity-specific skills training and development for the US workforce. The initiative involves funding high school students in STEM fields to earn an associate’s degree free of charge as well as offering opportunities to intern at IBM during their academic careers and work at the company upon graduation.
Verizon has taken a similar stance on closing the cyber skills gap with corporate training but has decided to invest in its own employees. Applying its philosophy of using non-traditional routes such as classes with certifications and on-the-job training, it has announced a large-scale employee training initiative for 2,000 people in cybersecurity. The initiative will involve a self-paced, online cybersecurity course based on role (i.e. wireless sales, product, and security sales), and will emphasize connections between cybersecurity and business operations.
- Leverage the NICE Cybersecurity Workforce Framework in education and training initiatives.
The NICE Cybersecurity Workforce Framework (NCWF) is a cybersecurity workforce guide that provides employers, educators, and students a list of baseline skill standards for cybersecurity roles across all industry verticals. With the overall aim of increasing awareness of the knowledge, skills, and abilities (KSAs) that are valued and in-demand of common cyber roles, it is hoped that the framework will improve communication on how to identify, recruit, develop, and retain cybersecurity talent.
- Research online resources to recommend to employees interested in cybersecurity.
Several resources exist for employees wanting to enhance their skill sets in cybersecurity. Resources like Cybrary, the SANS Institute, and eLearnSecurity offer a range of security training at varying proficiencies. Be sure to also check out government resources online.
- Look for transferable capabilities.
Deloitte Canada suggests that using a human-centric framework focused on soft skills can enable businesses to move past the talent shortage. Having developed a list of seven personas that represent the faces of cybersecurity (e.g. strategist, advisor, sleuth, defender, scientist, hacker, firefighter), with each associated with a list of transferable capabilities, Deloitte believes that people matching these personas can be molded into security roles to fill the talent void.
The cybersecurity talent shortage is only expected to widen in future years and employers must be cognizant that government and educational efforts alone will not be enough to close the cyber talent gap and develop world-class cybersecurity professionals. To prepare for the challenges ahead, employers should investigate whether they are able to offer cybersecurity training opportunities for students and in-house employees.
Want to Know More?
Privacy by Design (PbD) is a General Data Protection Regulation (GDPR) requirement, but effective implementation requires deep insight into the operation and interconnection of various data collection processes. Thus, PbD can be difficult to document and demonstrate. However, Proteus may help.
Pearson released the results of its Global Learning Survey. This is the first time that Pearson has undertaken such a study to capture the opinions of 11,000 learners across 19 countries. The study uncovered eight key trends indicating a shift to life-long, learner driven education.
Blackboard has announced its partnership with Amazon’s Alexa to launch a new Skill for its flagship learning management system (LMS), Blackboard Learn. Learners (and their parents) will be able to get information about their profile and coursework simply by asking Alexa.
Absorb LMS has acquired Tampa-based eLogic Learning LMS. This is the second acquisition in its aggressive acquisition growth strategy, following its acquisition of Torch LMS in May.
TalentLMS 4.0 features several new features along with an improved user interface. While none of the new features are game changers, they are marginal improvements that TalentLMS users and administrators will enjoy.
iSpring has released an update that includes three major improvements to its Learn LMS platform. These updates are focused on making the role of admin easier and to cut down on the amount of time spent managing content and user lists.
SumTotal 19.2 is its second release of 2019 and solidifies its focus on creating an end-to-end talent development solution. Its new SumTotal Intelligent Assistant (SIA) is the highlight of the update, providing users the ability to translate web searches and internet content into relevant training content within the SumTotal LMS.
The US Federal Trade Commission announced both a $5-billion settlement with Facebook and a $575-million penalty against Equifax in the same week. Both were for data breaches – the Equifax case affected 147 million people, and the Facebook incident 87 million. So why is Facebook being hit with the heavier penalty?
Docebo’s latest product release, Docebo 7.7, increases personalization for enterprise learning and brand identity. The release also includes improved automated content suggestions through its artificial intelligence and course enrollment based on personalized learning paths.