2019 NICE Conference: Rethinking the Future Cybersecurity Professional

The shortage in qualified cybersecurity professionals is startling — both domestically and internationally.

According to data published by NICE (National Initiative for Cybersecurity Education), the shortage at the beginning of 2019 was 314,000 cybersecurity professionals in the United States. The shortage at the end of 2019 jumped to 504,000.

Expanding internationally, a report published by the Center for Cyber Safety and Education predicts that the global cybersecurity workforce shortage is expected to reach 1.8 million by 2022.

This is the current reality for the cybersecurity industry. The task for the industry is finding solutions to close this gap while threats continue to grow. It requires re-thinking the type of individuals recruited to the cybersecurity industry.

Attending the 2019 NICE Conference

In November 2019, I attended the 2019 NICE Conference in Phoenix to hear the latest discussions surrounding the current and future state of the cybersecurity workforce.

I was encouraged by the theme of this year’s conference, “Reimagining the Future of the Cybersecurity Workforce.” It tells me that cybersecurity stakeholders are focused on finding solutions to close the gap between qualified professionals and positions that need to be filled.

Who are these stakeholders? I heard from experts in the cybersecurity industry, plus leaders and decision-makers in higher education, government, and private businesses during the conference.

The conversations were beneficial to help each group understand that building the ideal cybersecurity workforce is not an academic exercise throwing specific students into a program and making them a cybersecurity professional. It’s much more intricate, involved, and creative.

How to Build Tomorrow’s Cybersecurity Workforce

The traditional line of thinking in cybersecurity is to find the technology student or the engineer that seems like a good fit for cybersecurity. But, the reality is that an 18 or 19-year old art student or general education student in their first or second year of college could actually be a valuable asset in cybersecurity.

The approach must evolve to smarter evaluation. Universities need to be evaluating students based on how well they think, not so much whether their current degree path and education translates directly to cybersecurity.

Cybersecurity, at its core, requires problem-solving, the ability to process information, and the ability to think diversely about finding solutions to problems. Students that have this ability are an invaluable resource in cybersecurity.

The key is providing the training through apprenticeship programs that allows students to apply their critical thinking skills in a cybersecurity context.

The 2019 NICE Conference helped paint the picture of how to build educational programs on college and university campuses that allow students to receive hands-on training and instruction that translates to real-world issues that need to be addressed beyond the college campus.

Aligning Stakeholder Interests to Build a Cybersecurity Workforce

Each stakeholder that attended the NICE Conference has an interest in building the ideal cybersecurity workforce. The challenge is aligning each of these interests to create robust training grounds for cybersecurity professionals.

– Colleges and universities need to attract students to their campus and then retain these students once they’re on campus.

– Government needs qualified cybersecurity professionals to support government cybersecurity programs.

– Private and public companies need cybersecurity professionals to keep their data, systems, and infrastructure secure.

The final piece of the puzzle is involving finance players that are seeking low-risk, high-return investment opportunities. Clearly, the need to produce cybersecurity professionals will continue to grow for decades to follow. Financing on-campus training facilities that are designed to produce cybersecurity professionals represents a long-term growth opportunity for smart investors.

A forum such as NICE 2019 allows all of these stakeholders to come together, have conversations about how to get these projects off the ground, and discuss how to recruit the ideal cybersecurity professional that will get their start in an on-campus training ground.

Universities That Are Leading the Way in Cybersecurity Training

Two universities in particular are leading the way in cybersecurity training. Florida International University (FIU) and Arizona State University (ASU) offer dedicated cybersecurity degree programs, and they were the academic hosts of the 2019 NICE Conference.

These universities and other institutions are ahead of the game by thinking bigger about their cybersecurity training programs through engagement with the private sector.

Other universities need more access to private equity. They also need access to corporate customers that simultaneously need access to well-trained, qualified cybersecurity professionals. Finding these mutually-beneficial relationships is critical.

Where RESET can help is developing the right fiscal environment that connects each stakeholder to each potential project through our Cyber Range Concierge service.

We also help stakeholders build stronger connections through The Connection Process. We are capable of connecting higher-education leaders and corporate decision-makers to have more productive conversations about how to build and maintain cybersecurity training programs.

Because cybersecurity threats continue to grow on a daily basis, businesses and government have a vested interest in closing the cybersecurity workforce gap. The ideal breeding ground for new talent are college campuses.

Work with RESET to help facilitate conversations. Together, we can build a more robust cybersecurity workforce to solve current and future challenges.