Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Training & Awareness

Report Examines Ways to Bridge Cybersecurity Workforce Gap

A new report from the (ISC)² Foundation and University of Phoenix highlights the challenges posed by the shortage of cybersecurity professionals and identifies key ways for schools and businesses to address the situation.

A new report from the (ISC)² Foundation and University of Phoenix highlights the challenges posed by the shortage of cybersecurity professionals and identifies key ways for schools and businesses to address the situation.

Culled from conversations with tech industry, higher education and talent development leaders, the report identifies key gaps challenging employers related to competency, professional experience and “education speed-to-market.”

“The growing frequency, sophistication, and costs of cyberattacks threaten business continuity for organizations of all sizes,” said Julie Peeler, director, (ISC)² Foundation, in a statement. “Preparing and attracting the next generation of cybersecurity professionals is critical to the health of the economy and businesses globally.”

Addressing the first item on the list – competency – can be done through a number of steps, the report recommends.

Advertisement. Scroll to continue reading.

“With the rising demand for qualified cybersecurity talent, industry leaders are increasingly calling for a common definition of the scope of work that cybersecurity covers—and agreed-upon competencies that cybersecurity professionals must demonstrate,” according to the report. “Defining a standard set of industry-aligned professional competencies can help in educating, recruiting, developing, and retaining the caliber of talent that the industry needs. Striving toward common definitions and competencies, the National Initiative for Cybersecurity Education (NICE) developed the National Cybersecurity Workforce Framework, and the U.S. Department of Labor (DOL) developed the Cybersecurity Industry Competency Model.”

On the higher education level, the report recommends among other things that schools build case studies into the curriculum to ensure students have to apply their knowledge and skills in real-world scenarios. They should also ensure the curriculum is aligned with certification requirements and employ faculty on the frontlines of cybersecurity, according to the report.

In regards to professional experience, the report recommends industry associations support student membership, and advises employers to hire interns and partner with universities. Colleges meanwhile should create networking opportunities for students to use to build their resumes and experience, the report (PDF) adds.

“The multi-faceted cybersecurity field demands a strong workforce comprised of individuals who can adapt to constant shifts in the sector,” said Dennis Bonilla, executive dean of University of Phoenix College of Information Systems and Technology, in a statement. “The industry increasingly needs professionals who possess both technical skills and strong business acumen, and curriculum is shifting to reflect these dynamics. Relevant education and training aligned to industry requirements are crucial to protecting and growing business infrastructure in the U.S. and globally.”

The final set of advice the report gives relates to closing the education speed-to-market gap so that institutions of higher education can more quickly provide qualified applicants into the job pool. For schools, that involves mapping curricula to industry-endorsed competencies such as those outlined in the NICE Framework and the DOL’s Cybersecurity Industry Competency Model. The report also recommends businesses get involved with educators and students take steps to get certifications.

“Having qualified cybersecurity professionals is critical in all industries,” said Peeler. “Employers must act quickly to close workforce gaps and mitigate the risks that threaten enterprises. The roundtable report by the (ISC)² Foundation and University of Phoenix provides practical recommendations to key stakeholder groups that must work together to build the cybersecurity talent pipeline.”

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Training & Awareness

Google has announced a new training program for cybersecurity analysts and those who graduate will get a professional certificate from Google.

Management & Strategy

750 cyber specialists have participated in Defence Cyber Marvel 2 (DCM2), the biggest military cyberwarfare exercise in Western Europe.

Phishing

Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how...

Management & Strategy

Addressing the people problem with effective approaches and tools for users and security practitioners will enable us to work smarter, and force attackers into...

Audits

The PCI Security Standards Council (SSC), the organization that oversees the Payment Card Industry Data Security Standard (PCI DSS), this week announced the release...

Management & Strategy

Tips for making a presentation that will help improve the state of security programs and reflect favorably on the presenters and their companies

Management & Strategy

UK-based cybersecurity training solutions provider Immersive Labs announced on Wednesday that it has raised $66 million in new capital.