As more and more schools are implementing cybersecurity training programs, the role of IT leaders in the K-12 environment is changing from a technology focus to a more strategic focus on the enablement of digital learning and digital transformation.

However, this is new territory for most schools, and they feel the need for guidance on how to begin. What questions do educational institutions need to ask, and what kind of opportunities can be achieved after students receive certifications?

Related content: 5 best practices for starting a cybersecurity training program

Changing the cybersecurity training model

In the 2015-2016 global survey of IT professionals by Enterprise Strategy Group, 42 percent of organizations reported a problematic shortage of cybersecurity skills. Concern over finding skilled cybersecurity talent has grown every year since then. By 2019, the number had grown to 53 percent.

This concern and the reality behind it are growing faster than traditional four-year colleges and universities can remedy on their own. Though higher education should of course continue its efforts, cybersecurity training needs to start in kindergarten and continue all the way through high school in order to raise up a security-savvy generation – some of whom will become tomorrow’s much-needed cybersecurity professionals.

This requires an understanding of where the job market is going. It doesn’t help to merely plan for today’s jobs, because by the time people receive training on current technologies, those technologies are often obsolete. The education sector must plan to train students in a way that addresses the skills gap four or more years down the road, depending on the ages of the students.

Conversely, higher education needs to think in more immediate terms, because students are so much closer to entering the workforce. Colleges and universities may want to rescale and upscale cybersecurity training programs, focusing less on degree learning and more on earning certifications so students can quickly fill open positions.

Finding the right cybersecurity training partner

This is easier said than done for K-12 IT teams that remain resource- and budget-constrained. Some districts share a chief information security officer; others have none. For K-12 and higher education, options exist to partner with governments, nonprofits and cybersecurity vendors to implement training programs, drawing on their expertise for guidance.

For referrals, check with colleagues in the education sector. Find out what has worked and what hasn’t. Attending cybersecurity-focused education conferences is also helpful, as events draw instructors and vendors who focus on cyber-education.

Good vetting questions to ask potential cybersecurity training partners include: Where is the industry going? What will cybersecurity jobs look like in five years versus today? Are the school’s resources combined with the partner’s resources sufficient to prepare students for those jobs?

Cybersecurity vendors are usually quite good at creating training programs to equip customers and partners with the knowledge and skills required to operate their own products. This is certainly critical as cybersecurity solutions become more sophisticated. However, cybersecurity vendors are beginning to adopt a training and education strategy with a much wider focus than their own products and solutions.

A comprehensive strategy needs to include cybersecurity training and education programs designed for:
• Teenagers and parents—both in school and at home
• Technical colleges and universities implementing new cybersecurity programs or integrating cyber into more traditional IT and computer science courses

This provides a means for vendors’ subject matter experts to share their knowledge and vision with thought leaders and the next generation of cybersecurity experts.

Formal programs are a necessary element to filling the skills gap, but a comprehensive training and education strategy must include strategic partnerships within government, academia and NGOs.

Addressing the threat

The cybersecurity skills gap is about much more than HR having a hard time filling open positions; it is a real and serious threat to the ongoing viability of all organizations, not just schools. Closing the skills gap involves educating those within the education system.

Cybersecurity vendors and other partners have a role to play in helping with education in all contexts, extending their ability to train and educate customers and partners to K-12 and college students for the sake of stronger cybersecurity at a societal level.

About the Author:

Rob Rashotte is VP of global training and technical field enablement at Fortinet. He has 20 years of experience developing training and education strategies for startups as well as complex global organizations. He also has 15 years of experience working with some of the most innovative, fast-paced companies in the high-tech industry. Rob has an MBA from the University of Ottawa.


Add your opinion to the discussion.