There are nearly 600,000 cybersecurity job openings nationwide and not nearly enough qualified candidates to fill them. As this cybersecurity workforce gap threatens innovation and keeps IT leaders up at night, community colleges are playing an increasingly important role in closing it.
Editor’s note: This article is one of two in a series on cybersecurity training at community colleges.
Spurred on by the global pandemic, the pace of digitization has exploded in the last few years. This trend has led to a sharp rise in cybercrime. Worldwide, the number of ransomware attacks doubled in 2021, Fortune reports.
Driven by an increase in cyberattacks against organizations of all sizes, the demand for cybersecurity employees is growing faster than the supply. And the problem is only expected to get worse.
“We’re going to see a huge need for more cybersecurity professionals,” said John Sands, a professor of IT and chair of the computer-integrated technology department at Moraine Valley Community College in Illinois.
For instance, Sands noted that new federal regulations will require every U.S. Defense Department contractor to undergo a cybersecurity audit on a regular basis.
“That’s going to open up thousands of additional jobs,” he predicted.
Rapid progress
As the demand for cybersecurity employees continues to soar, community colleges are adding or expanding cybersecurity programs at a fast clip. The National Security Agency’s National Centers of Academic Excellence in Cybersecurity (CAE-C) is a key measuring stick for cybersecurity degree programs. Colleges and universities must apply and undergo a rigorous evaluation of their cybersecurity programs to achieve this designation.
As of press time, about 380 higher-education institutions had attained CAE-C status, and nearly a third of these were community colleges. That’s up from a dozen community colleges just 10 years ago.
“We’ve really made a lot of progress in the last few years,” Sands said.
Although this progress is encouraging, Sands identified several challenges that community colleges must overcome in establishing cybersecurity degree programs. For instance, colleges must create a “sandbox” environment, or a shared virtual space where students can learn and practice their skills without affecting the college’s main computer network. They have to keep their curriculum up to date in a rapidly changing field. And, they have to hire and continually train faculty.
“It can be hard to compete with the private sector, where cybersecurity professionals earn much higher salaries,” Sands noted.
Help is available
There are many federal resources available to help colleges meet these challenges. One of the newest is the U.S. Cyber Command’s Academic Engagement Network, a partnership between the U.S. military and participating colleges that aims to prepare students for the cybersecurity workforce. Fourteen community colleges are among 100 or so higher-education institutions chosen in the network’s first cohort.
Network participants will receive regular updates about changes in the cybersecurity domain that could affect their degree programs. Students and faculty at participating colleges can attend CYBERCOM webinars, guest lectures and career fairs. Participating colleges also will have access to CYBERCOM mentors to help guide their capstone programs.
“It’s exciting,” said Lakisha Ferebee, acting department chair of technology for the College of Southern Maryland (CSM), one of the community colleges chosen for the network. CSM’s participation will help shape the college’s cybersecurity programs to meet specific workforce needs, she said, “so we’re able to provide highly skilled workers.”
In partnership with Microsoft, the National Cybersecurity Training & Education (NCyTE) Center at Whatcom Community College in Washington provides assistance for community colleges to establish new cybersecurity degree and certification programs.
“This is a service we’re providing for colleges,” said Corrinne Sande, a professor at Whatcom and director of the NCyTE Center.
Constant work
Sande agreed that attracting qualified instructors can be a barrier to creating cybersecurity programs at community colleges. Another NCyTE initiative, called the Faculty Recruitment Bootcamp, could help institutions meet this challenge.
The bootcamp is a four-day training program targeting students in their last year of a cybersecurity bachelor’s or master’s degree program. Participants, who receive a $1,500 stipend for the training, learn how to teach cybersecurity in a community college setting. Once they graduate and find a full-time job in the cybersecurity field, they’re connected with a community college to serve as an adjunct faculty member.
While community colleges might struggle to compete with the private sector when it comes to hiring and paying cybersecurity instructors, providing opportunities for faculty to update their skills and certifications at no cost can be a motivating factor, Sande said. She added: “If faculty have the ability to get the training they need to stay current in their field, a lot of faculty would be happy with that.”
CSM relies heavily on adjunct faculty for its cybersecurity degree programs.
“This allows us to offer flexible schedules for working students,” Ferebee said.
The college has also had success in hiring adjunct faculty to full-time teaching positions when they’re ready to retire from their private-sector careers.
Ferebee’s advice for colleges looking to start or grow a cybersecruity program is to take advantage of government programs and resources from agencies like NSA and the National Science Foundation, which funds the NCyTE Center.
“The nature of this field is that change is inevitable, and it’s quick,” she said. “This is constant work. You can’t just do it once and think you’re done.”