Cybersecurity education for the next generation
powers-old-account 270000NC1K Visits (3882)
David Jarvis, senior consultant at the IBM Center for Applied Insights discusses the key guidance in IBM's report, "Cybersecurity education for the next generation."
About the report
POWERS: IBM has just released a new report on the state of cybersecurity education. It's called Cybersecurity Education for the Next Generation, Advancing a Collaborative Approach. David Jarvis is a senior consultant at the IBM Center for Applied Insights and one of the co-authors of the study. David, why did IBM publish this report?
JARVIS: IBM produced this report primarily because in industry and government, there's been a lot of reports, news articles, analyses saying that there is a skills gap -- that there's not enough cybersecurity professionals today or projected into the future.
And instead of looking at the demand side -- looking from industry or from the government side -- we decided to look from the supply side and look at academic programs and look at what leading practices that they have so we can actually look from the supply side to see how we can better address the skills gap going forward. And this is part of our overall cybersecurity innovation program efforts at IBM.
POWERS: Based on the interviews you did with academic institutions across the world, what guidance does IBM have for academic institutions?
JARVIS: What we found was that there were really three main areas of leading practices that we identified through our interviews, and they all involved collaboration. So the first was really collaborating within your own institution, within your own academic institution trying to become more interdisciplinary or holistic working across technical disciplines, across computer science, engineering, working with other schools like law, engineering, policy as well.
There was another collaborative area that we looked at looking at industry, co-evolving with industry. So, becoming more hands on or getting involved...or, having industry get involved as well.
And then thirdly, we also looked at expanding collaboration globally. We found that not enough academic institutions were actually collaborating formally with universities around the world with respect to cybersecurity. There was a lot of informal collaboration between professors developing papers but there were no formal kind of university to university programs that at least we saw through our interviews.
POWERS: What were some of the best practices at academic institutions that you found during your interviews?
JARVIS: So, we have three case studies in our paper that highlight these three areas of collaboration that I talked about previously, and these were really excellent examples that we found for those three areas of collaboration.
So, the first was, Temsasek Polytechnic, which is a university in Singapore, and they have a very unique approach to hands-on education. So what they're doing is they're in the...they're in the kind of planning phases and building phases of developing a student-run security operation center.
So, starting next year, students are actually going to manage the security environment -- information security environment -- for the university. So that, they're hoping is going to provide them really excellent hands-on training.
Another area that we saw that was interesting was with the Rochester Institute of Technology, R.I.T. Now, they actually have a dedicated undergraduate program in cybersecurity, which is...isn't very common. Most programs are at the PhD level or at the Master's level. And so, they talk a little bit about the challenges that they face, why they thought that it was important to specialize early at the undergraduate level.
And then the third area that was really interesting -- and this is more on the collaborating globally with other academic institutions -- was North Carolina State. And what they're doing is they received a grant from the National Security Agency to work with other universities to help develop a science of security or to approach security problems with a bit more of a scientific method so they can really not just react and respond to the crisis of today but really solve long-term security problems that we're facing so we're not going to have to operate like we do today.
POWERS: Once again, the report is called, Cybersecurity Education for the Next Generation, Advancing a Collaborative Approach. You can download the report at bit.ly/2013seced. That's bit.ly/2013seced.