editor’s question
STEVE MULHEARN,
DIRECTOR OF
ENHANCED
TECHNOLOGIES,
FORTINET
E
ducation is
extremely
important but,
unfortunately,
today’s IT
curriculums aren’t
quite addressing
current needs. Firstly, we often find that
the learning content and materials being
used are out of date with regard to what
is actually happening in the industry.
Secondly, many current programmes fail
to accurately depict what cybersecurity
professionals actually do – many
young people believe they sit in front of
computers late at night wearing hoodies
– or the commercial need businesses
have for the cybersecurity skillset.
Young people don’t realise the
breadth of the problem. While it is
the most wanted skillset in the UK,
Ireland, the US, Germany and Israel,
and is a growing need in emerging
countries where competing in the
global marketplace requires a
digital presence, a recent workforce
development survey showed 59%
of organisations have unfilled
cybersecurity positions, with Frost &
Sullivan forecasting a shortfall of 1.5
million by 2020.
We need to
acknowledge
that schools and
universities alone
can’t address the
pressing problem
of the cybersecurity
skills gap.
To address this challenge, we need
a new approach that combines
the resources of higher education
organisations with those of the private
industry and public sector.
For example, in the UK we’re looking
at how we can work with universities to
further engage with students in order
to give them a better understanding
of cybersecurity – through exposure
to us as a business, investments in
educational technology and investments
in time to ensure the materials they are
using are up-to-date.
Because of the rate at which breach
and cybercrime defence methodologies
evolve, it’s difficult for education bodies
to keep up. As a result, there is a
general lack of understanding around
the field in general. That gap is expected to grow
significantly over the next few years
if nothing is done. As a result, people
usually fall into cybersecurity, rather than
being guided towards it. We need to acknowledge that schools
and universities alone can’t address the
pressing problem of the cybersecurity
skills gap.
While students are learning how to
code and develop applications, they
aren’t necessarily learning how to build
effective security mechanisms from the
ground up to keep those applications
safe – they aren’t learning to think in the
way cybercriminals do. The majority of today’s industry
professionals start out in a different field
of IT and land in cybersecurity because
at some point they realise they have an
interest or a skill for it. They then have
to retrain as cybersecurity specialists,
exacerbating the skills shortage issue. A concerted effort across public and
private organisations is our best shot at
creating a cybersecurity talent pool with
a variety of skill levels, with professionals
who know how to engineer secure
environments and detect and respond to
sophisticated attacks.
28
Issue 15
|
www.intelligentciso.com