From education to employment

Why adding cybersecurity to the curriculum is more important than ever

Chris Hodson, CISO at Tanium

We must equip students with #cybersecurity skills to prepare for a post COVID world 

No one could have predicted the devastating impact COVID-19 had on businesses across the world. The almost overnight transition to remote working forced unprecedented changes, blindsiding thousands of organisations. 

Across the country, thousands of endpoints suddenly needed to connect to corporate networks and unsurprisingly, with this surge in demand came much greater risk for remote workers. Our research found that 92% of UK businesses admitted to experiencing an increase in cyber attacks since the onset of the COVID-19 pandemic. 

Many IT departments are now planning for what the future could look like, but now is also the time to ensure the next generation of cybersecurity experts are well prepared to address the challenges of tomorrow.  Schools, universities and training providers are well placed to give young people a holistic skillset, covering the relevant technical skills and soft skills that employers will need in a post COVID world. 

The importance of recruiting more cybersecurity talent 

In Europe, it’s been well documented that there’s a shortage of cybersecurity professionals. The ramifications of skills shortages include an increasing workload on existing cybersecurity staff, long-standing job vacancies and, ultimately, an inability to use or understand security technologies to their full potential. 

But the biggest consequence of all is whether businesses have the resources to deal with unexpected security challenges. While it’s never easy for organisations to react to a ‘black swan’ event, this pandemic has taught us that unless businesses pay due care and attention to continuous cyber-risk mitigation in a new work-from-anywhere era, those same organisations may find themselves exposed to serious financial and reputational damage.

 The pandemic has  reinforced the importance of businesses investing in the right security solutions and the best security talent to ensure the impact of such events is as minimal as possible. Now is the time for universities to reassess their curricula and ensure all students have the necessary skills to flourish and support businesses once they graduate. 

Adding cybersecurity to the curriculum 

In order to attract cybersecurity talent at universities in the first place, we must consider whether more needs to be done to weave cybersecurity into the school curriculum. 

As opposed to previous generations, students of today are digital natives and have been brought up around technology. With both teachers and students heavily relying on internet accessibility, the need to develop cybersecurity skills – in both their personal and professional lives – more important than ever.

A survey by the National Cyber Security Alliance and Microsoft found that 91 percent of teachers believed cybersecurity should be taught. Delivering this knowledge and skillset could well lead to increased interest in the subject as a whole and could lead to more students being inspired to take up a career in it.

Future candidates will need to understand the architecture, administration, and management of operating systems, in addition to grappling with the bigger picture when it comes to an organisation’s reliance on the data centre. However, ‘soft skills’ are equally important. Security professionals have to communicate complicated subjects to people who might not have much of a technical background.

The Further Education (FE) sector plays an important role in providing the building blocks for courses in cybersecurity at the Higher Education level. Employers also need to be willing to recruit graduates with a degree in other subjects into entry-level roles in cybersecurity. However, now more than ever, it’s important to consider alternative routes, such as apprenticeships, to ensure everyone has a fair chance of working in an industry which desperately needs as much talent as possible.

It is also important to ensure those with an interest in cybersecurity have the opportunity to gain as much ‘real world’ experience as possible. There are many different areas of security, and only by exploring different domains will future professionals understand what areas they’re most interested in and gain an appreciation of what different teams are able to accomplish.    

Preparing for the new work landscape

While we must equip students with the important cybersecurity skills to have a successful career, we must also prepare them to work in ‘the new normal’. COVID-19 has fundamentally shifted the way businesses and workers operate., IT teams are having to adapt to the challenges which come with flexible working. For example, the traditional 9-5 is now less of a business priority with many staff working flexible hours to accommodate personal schedules.     

While many have adapted to this situation, some individuals are taking their understanding of cybersecurity into their own hands now more than ever as offices look to continue working from home policy for the foreseeable future. Many workers will try to take shortcuts to rectify any potential downtime quicker while IT departments are busier than usual, but this could create further problems if the issue is not solved correctly. 

A lack of cybersecurity training and awareness across organisations will leave UK businesses at risk. It should now be a requirement to invest the time to future-proof security strategies. One of the best routes to boosting cybersecurity is through encouraging awareness about common-sense defensive protocols. IT departments cannot be wholly responsible for preventing attacks in the era of Bring-Your-Own-Device. Educating students on these risks should also be a key consideration before they enter the workplace.

Looking to the future 

As time goes on and as the threat landscape evolves, the cybersecurity industry will continue to grow exponentially. It is an industry which is crying out for technically skilled workers amid a European shortage of talent. However, only by encouraging and training the next generation can businesses be confident that there will be enough candidates to help them stay protected in the post COVID future.

Chris Hodson, CISO at Tanium

Related Articles