This requires an understanding of where the job market is going. It doesn’t help to merely plan for today’s jobs, because by the time people receive training on current technologies, those technologies are often obsolete. The education sector must plan to train students in a way that addresses the skills gap four or more years down the road, depending on the ages of the students.

Conversely, higher education needs to think in more immediate terms, because students are so much closer to entering the workforce. Colleges and universities may want to rescale and upscale cybersecurity training programs, focusing less on degree learning and more on earning certifications so students can quickly fill open positions.

Finding the right cybersecurity training partner

This is easier said than done for K-12 IT teams that remain resource- and budget-constrained. Some districts share a chief information security officer; others have none. For K-12 and higher education, options exist to partner with governments, nonprofits and cybersecurity vendors to implement training programs, drawing on their expertise for guidance.

For referrals, check with colleagues in the education sector. Find out what has worked and what hasn’t. Attending cybersecurity-focused education conferences is also helpful, as events draw instructors and vendors who focus on cyber-education.

Good vetting questions to ask potential cybersecurity training partners include: Where is the industry going? What will cybersecurity jobs look like in five years versus today? Are the school’s resources combined with the partner’s resources sufficient to prepare students for those jobs?

Cybersecurity vendors are usually quite good at creating training programs to equip customers and partners with the knowledge and skills required to operate their own products. This is certainly critical as cybersecurity solutions become more sophisticated. However, cybersecurity vendors are beginning to adopt a training and education strategy with a much wider focus than their own products and solutions.

Cybersecurity training is important and it should start as early as possible--here's why

A comprehensive strategy needs to include cybersecurity training and education programs designed for:
• Teenagers and parents—both in school and at home
• Technical colleges and universities implementing new cybersecurity programs or integrating cyber into more traditional IT and computer science courses

This provides a means for vendors’ subject matter experts to share their knowledge and vision with thought leaders and the next generation of cybersecurity experts.

Formal programs are a necessary element to filling the skills gap, but a comprehensive training and education strategy must include strategic partnerships within government, academia and NGOs.

Addressing the threat

The cybersecurity skills gap is about much more than HR having a hard time filling open positions; it is a real and serious threat to the ongoing viability of all organizations, not just schools. Closing the skills gap involves educating those within the education system.

Cybersecurity vendors and other partners have a role to play in helping with education in all contexts, extending their ability to train and educate customers and partners to K-12 and college students for the sake of stronger cybersecurity at a societal level.

About the Author:

Rob Rashotte is VP of global training and technical field enablement at Fortinet. He has 20 years of experience developing training and education strategies for startups as well as complex global organizations. He also has 15 years of experience working with some of the most innovative, fast-paced companies in the high-tech industry. Rob has an MBA from the University of Ottawa.


Add your opinion to the discussion.