As the nation’s businesses, school districts and critical infrastructure endure cyberattacks on an almost daily basis, stakeholders charged with defending the U.S. against the attacks must address the estimated 750,000 vacant jobs in the cybersecurity industry.
But CYBER.ORG, an educational initiative of the Bossier City, La.-based Cyber Innovation Center, is ramping up its programs in hopes of taking a bite out of this problem.
Last year, the State of Louisiana announced a $2 million expansion of the CYBER.ORG Range program to grow cybersecurity talent. The program has been deployed in 47 states by 650 K-12 educators and launched more than 30,000 times by users.
Through Range, students gain hands-on knowledge of cybersecurity using real-world tools with common cyberattacks and learn how to defend against them.
Diversifying the Field
This year, CYBER.ORG is expanding two other programs aimed at diversifying recruitment and training efforts.
Project REACH is a feeder program that works with historically Black colleges and universities (HBCU) on cybersecurity education and careers. The program plans more kickoff events this year after working with two HBSUs in 2022. Program expansion is also planned this year to serve Hispanic-speaking and Tribal institutes.
Additionally, the organization is targeting growth for Project Access, a program for the blind and visually impaired who are in pre-employment transition (Pre-ETS). CYBER.ORG is including different types of neuro-divergent students this year, recognizing how all students learn differently.
“Maybe they have a student in their classroom that really struggles with reading, but they can be a great programmer one day and they can dive into cybersecurity in some different realms,” says CYBER.ORG Executive Director Laurie Salvail.
Removing Obstacles
Salvail says the first obstacle to recruiting students – who often hear terms like hackers, attacks and threats -- is helping them understand the term “cybersecurity” and get an accurate picture of what their job would look like every day.
Students in elementary school are already making decisions about career interests, she notes, and may have feelings about what careers they’re capable of. Cybersecurity workers are often not as prominent as other professions, and that’s a built-in challenge.
“They see teachers, doctors and lawyers, but they might not see cybersecurity professionals or even realize one when they see them. So, we must help them understand what the jobs looks like, what the titles are, the companies we’re talking about that might employ them, and making that as concrete and tangible as possible,” Salvail says.
“We want to expose them to it as early as possible so they can gain the confidence needed to pursue a certification in an industry and start to join this workforce. Another part is helping teachers understand how they can assist their students. Our average teacher is not a cybersecurity professional.”
For very young students, providing a general awareness of threats and discussing, for example, what they should or shouldn’t share about themselves online is a starting point.
Variety of Perspectives
Salvail also feels diversity in the career field is needed to create effective cyber programs by bringing teams together with different perspectives and backgrounds.
Ideally, students who are curious and persistent can be successful in the field, even if they are not computer geeks.
“Learning basic coding and using technology can be frustrating at times, but the successful ones will be those who keep going and wanting to learn. They see their weaknesses as ways to learn more,” Salvail said.
Beyond that, Salvail believes there have been stereotypes about the types of people who fill cybersecurity positions. A workforce with “very diverse backgrounds and different upbringings” is needed to help the U.S. secure itself against future threats.
“In minority-serving areas we have not done a good job of getting students prepared. There are amazing, shining-star examples of incredible schools that can impart these skills. But we don’t want to just make this an elite group. It should be available in every school,” she says.
In rural areas where Internet access might be a challenge, programs must be designed to work on a simple Chromebook or any Internet browser so there isn’t dependency on downloading materials. Children with certain disabilities might learn more about the field by engaging with workers with the same disabilities to show what is possible, Salvail says.
Building a Culture
Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly noted last year that much work remains to reach 52 million students and three million educators in the U.S. who could be tapped to boost the cybersecurity talent pipeline.
In the long run, Salvail says, the success of CYBER.ORG’S educational programs will be measured in two different ways: first, by “reaching every K-12 student and their teacher. That’s how we’re going to shape this workforce one day, because we know that every profession is going to need some technology and some cybersecurity skills behind them.
“Success would be developing a culture that can shape capable adults who know how to protect themselves when they check their emails or know not to click on crazy links or fall for these scams we’re receiving on a daily basis.”
As for attracting talent to the workforce, Salvail simply wants to see more success filling the talent pipeline.
The U.S. cannot afford to fail at this task, she notes, if the country is to effectively defend itself against cyberattacks. The consequences are already being felt and not likely going away.
“Just like we teach every child how to read and how to do math,” Salvail says, “we've got to prepare every child for the technology that surrounds them on a daily basis.”
John Dobberstein is managing editor of SecurityInfoWatch.com and oversees all content creation for the website. Dobberstein continues a 34-year decorated journalism career that has included stops at a variety of newspapers and B2B magazines.
