A cybersecurity job may feel out of reach for many people. Traditionally, we’ve viewed cybersecurity professionals as highly trained technologists, fully embedded in the tech world. But with approximately 700,000 open cybersecurity positions, there simply are not enough people to meet that description. It’s time to reimagine what a cybersecurity job and a cybersecurity professional look like.
Cybersecurity Awareness Month, recognized each October, was designed to inform and educate the general population on their role in protecting the data and systems they have come to rely on. Moving forward, this awareness needs to be about more than creating strong passwords and avoiding unknown links. While this basic cyber hygiene education is still needed and incredibly important, we need to shift the conversation to one where anyone can see themselves in a cyber role.
Expanding the Definition of Cyber Professional
Gartner predicts that by 2025, lack of talent or human failure will be responsible for over half of significant cybersecurity incidents. We need to act quickly to change the mindset of hiring managers as well as the workforce in general to fill the critical gap. To turn this tide, the White House released the National Cyber Workforce and Education Strategy (NCWES), which urges collaboration between government officials and the private sector to expand foundational cyber skills access for all Americans. The strategy points out that many communities currently underrepresented in the cyber workforce do not envision themselves in cyber jobs or are not aware of the opportunities available to join this important and growing workforce.
No Degree? No problem.
The NCWES points out that many cyber jobs are attainable with a certificate or community college degree. Promoting accessibility to cyber training is critical to building a workforce pipeline. Companies, high schools, vocational schools, and community colleges need to focus efforts on growing enrollment in these types of non-degree programs.
Sector-based training, where people are trained for existing jobs in high-demand sectors without post-secondary degrees, offers an efficient talent solution. These programs have found lasting, positive impacts on participant earnings and life outcomes, generating transferable skills and credentials. This approach is particularly helpful for women and people of color, helping to close not only the cyber skills gap but also the IT diversity gap.
Building Diversity Through Next Generation Apprenticeships
The administration is also looking at classic job training strategies to meet the modern demand for cyber professionals. An apprenticeship sprint was designed to expand Registered Apprenticeships, a proven earn-while-you-learn model that aims to build a pipeline of skilled workers with a focus on underserved communities. The sprint resulted in 7,000 apprentices being hired, with 42% of them being people of color and 32% being female. Additionally, a number of private-sector companies participated in the sprint, expanding their use of apprenticeships to broaden their cyber talent base.
Scholarships That Support Cyber
Programs are also being developed to support those interested in the more traditional, higher education route. The National Defense Authorization Act recommends establishing a Department of Defense (DoD) Cyber and Digital Service Academy within existing universities and colleges. This means that students studying certain cyber and digital service disciplines could receive up to five years of tuition and room and board. In exchange, recipients would agree to work for the DoD for the same number of years that they received the scholarship. This is not unprecedented. The National Science Foundation’s CyberCorps Scholarship for Service Program has been in place since 2000. It has placed over 4,500 people in government organizations, including DoD, the National Security Agency, and state and local governments, in return for their scholarships.
Creating a New Look for Cybersecurity
To increase the number and diversity of cyber professionals, we need to write a new script. This script must start with redefining what it means to be a cyber professional and widening the lens as to what a cyber job can be. Once people can see themselves in cyber, the training to complete the job needs to be accessible. This broader view will have a huge impact on the talent pipeline needed to meet the cyber demands of today.
As the founder of GovEvents and GovWhitePapers, Kerry is on a mission to help businesses interact with, evolve, and serve the government. With 25+ years of experience in the information technology and government industries, Kerry drives the overall strategy and oversees operations for both companies. She has also served in executive marketing roles at a number of government IT providers.
Leave a Reply
You must be logged in to post a comment.