There is heightened awareness within the business community
regarding vulnerabilities related to cyber threats and the financial
repercussions of breaches, data loss and cyber attacks. In fact, according to a
recent Ponemon Institute survey, a majority of respondents indicated that
cybersecurity risks rank higher in terms of business risks than natural
disasters. However, there is a worrisome lack of interest in the IT security
profession among young adults.
The Jobs are There.
Where are the Skilled Workers… and Investment in Security?
According to a recent jobs report,
of 1,000 adults ages 18-26 surveyed, only 24 percent expressed interest in a
cybersecurity career. In comparison, 32 percent are interested in being an app
designer/ developer. Additionally, 82 percent said that their high school
counselor never mentioned the possibility of a career in cybersecurity.
A low level of interest in the profession could create
security concerns, especially when the IT skills gap continues to widen for
organizations.
Young adults’ attitudes are reflective of a larger issue—an
overall lack of investment in security. While security professionals remain
highly in demand, investment in security continues to lag. The security field
is still relatively young and continues to evolve. Many companies consider
security a function of IT. As a result, security projects and concerns are
competing against business- and revenue-driven initiatives. The latter, which
may be considered more “sexy,” typically receive the bulk of financial
resources.
University Curriculum
and Government Support
At colleges and universities, cybersecurity is also
competing against more flashy fields like communications and education.
Jessica Bair, who develops the cybersecurity curriculum for our Guidance Software training
division, notes, “Entertainment and apps have a prominent
place in young people’s lives and are considered ‘cool.’”
However, she believes that if students gain more exposure
to the IT security profession, their perceptions may change. For example, she
notes, salaries for cybersecurity professionals tend to be higher than jobs
requiring the same level of training and education, and there is greater pay
equity between men and women. There is also a higher level of job security in
the industry due to staffing demands.
“If a young person has the opportunity to learn more about
how cybersecurity professionals are protecting important data from bad people,
their interest may be piqued resulting in them envisioning cyber defense as a
potential career path,” Bair said.
The good news is that more universities are offering
programs focused on cybersecurity, and the government is publicly and
financially supporting such programs. Dozens of colleges and universities,
including Carnegie Mellon University, Purdue University and Syracuse University,
are National Centers of Academic Excellence in Information Architecture (IA) education
and research. The NSA and the Department of Homeland Security jointly sponsor
the program with the goal of reducing vulnerability in the country’s national
information structure by promoting higher education and research in Information
Architecture.
The
Wall Street Journal recently noted: “The White House has called for ‘a
national strategy, similar to the effort to upgrade science and mathematics
education in the 1950s,’ to meet the challenge of turning out qualified
graduates to fill cybersecurity jobs.”
EnCase Academic
Program
Similar efforts are happening at the corporate level. At
Guidance Software, we’re committed to working closely with colleges and
universities that offer forensics programs. For example, we offer online
courses on digital investigation to offer practical skills training in those
institutions through our EnCase Academic Program.
It’s critical that leading industry organizations and
security professionals work closely with bright minds at our educational
institutions to help increase the profession’s visibility and raise awareness about
the exciting challenges and critical importance of the cybersecurity profession.
By reaching students before they graduate, we can engage with future security
professionals, ensuring that organizations will have the talent they need to
address cyber threats today and in the future.
The current generation is wired for technology and should be
more attuned to the security implications of their cyber activities for their
own safety. And, once students learn about risks and ethical hacking, they may
think fighting cyber attacks is more exciting than creating the latest iPhone
app.
No comments :
Post a Comment