Cultivating the Next Generation of Cybersecurity Experts

By Trellix · March 28, 2022
This blog was written by Bryan Palma

As cybersecurity threats from nation-state actors grow in volume and sophistication, the worldwide shortage of cybersecurity professionals grows as well. Countries like Russia and China invest deeply in nurturing cybersecurity talent through state-funded education. Other nations, like the United States, do not. What short and long-term actions can Americans ask public leaders to champion? What are the most exciting and innovative ways we can inspire, train and prepare new generations of experts to protect the U.S.?

In 2016, a Center for Strategic and International Studies study found 82 percent of respondents across eight countries reported a lack of cybersecurity skills within their organization. 71 percent acknowledged the critical global shortage of skilled professionals. The cybersecurity skills shortage is notable in the U.S. federal government, where there is an estimated 35,000 openings for cybersecurity professionals.

Launch AmeriCorps for Cyber, Cybersecurity Corps

The U.S. is at a competitive disadvantage in developing skills to compete against countries using a ‘whole of government’ approach to train security practitioners. Both Russia and Israel use compulsory service to build their cyber skills at scale. To compete, the U.S. could create a cybersecurity version of the federal program, Corporation for National and Community Service, aka AmeriCorps.

Increase Scholarship Funding

Americans should ask our leaders to increase funding for the Cyber Corps Scholarship for Service (SFS) program. The program provides grants to 70 institutions across the country to offer scholarships to grow a cadre of information assurance specialists. The program is funded at $55 million a year, covering 2,000 students. Given our talent deficit, we need to increase the size of the program, for example a $200 million program would support 6,400 students.

Focus on Diversity

The talent pool needs to expand not only in size, but diversity. According to Aspen Digital Tech Policy Hub's latest report, only 4% of cybersecurity workers self-identify as Hispanic, 9% as Black, and 24% as women. According to the American Association of University Women, most community college students are women and 41% are minorities. If the SFS program participation was broadened from research universities to community colleges, we could achieve a larger, and more diverse talent pool.

Jump-Start Education in Kindergarten

Let’s focus on getting K-12 students interested in pursuing STEM-related careers. By creating a consistent age-appropriate cybersecurity curriculum for K-12, we can break down social and diversity barriers so younger students are inspired to succeed in cyber and advanced technology fields.

Better Policies. Broader Programs. A Brighter Cyber Future.

These recommendations are only the start of what we can do to increase the number and diversity of cybersecurity professionals. During June’s RSA Conference, I will explore this topic further. Join me.