Cy Says Blog & Podcast

We Need to Promote Non-traditional Skill Paths to Cybersecurity

This week CyberUp had the opportunity to hang with our partners at the Security Advisor Alliance at their first in-person Converge Tour in over 2 years. Converge Tours bring local high school students together with cybersecurity professionals to explore what is cybersecurity, apply some basic concepts in a capture the flag style event, and then ask questions to each of the volunteers about how they got to where they are. Needless to say….it was inspiring. I am always in awe of a student’s interest in the subject and the amount of awareness they have about technology concepts. I know I wasn’t at that level when I was their age.

A major theme of the event is to inspire a student to see cybersecurity as a career path that is available to them. The usual stats of millions of jobs available and CRAZY HIGH salaries of course were shared as they should. Students like money and the income potential in the industry are hard to ignore. During the question/answer session with professionals, students asked a lot of questions about their roles, what they do, and funny stories, but we never really got to the “how did you get there” discussion. I would speculate most students would assume a traditional college skill path. However, that path may not be a possibility or even a desire.

I was given an opportunity to talk a bit about CyberUp’s programs by AJ Eads (host of the event). I love talking about the work we do and it’s important to me to highlight that there are non-traditional skill paths that don’t involve a college education. I firmly believe that by focusing on traditional pathways alone we will never actually “move the needle” on the talent shortage we always hear about.

Our time together was short, but I hope I left a small impression on the students and they explore options like PowerUp Cyber Games to keep their cybersecurity interest front of mind until they graduate high school. I also hope they look at alternative programs like boot camps, certification tracks, self-taught, or apprenticeships to break into a cybersecurity career. The common denominator of success in cybersecurity is obtaining a particular set of skills, building your network, and selling yourself to an employer who will give you an opportunity to shine.

We have to do a few things to grow the cybersecurity workforce:
• Promote both traditional and non-traditional pathways to students.
• Look at this with a long-term approach by engaging middle and high school students.
• Build pathways for non-traditional candidates (BIPOC, women, veterans) who are looking for careers and not just jobs.
• Widen how we prepare both youth and adults for cybersecurity careers.
• Expand the requirements and types of people companies hire.

We share stories regularly on our social channels with examples of what we believe right looks like. This is a combination of companies who adopt apprenticeship, individuals who we prepare for those apprenticeships, and the students and teachers we engage through PowerUp Cyber Games. We share those examples to inspire others to join our efforts to promote non-traditional pathways to cybersecurity careers.

It was an honor to participate in the Converge Tour with the Security Advisor Alliance and spend the day with inspiring students and industry professionals. Thank you for the opportunity!

Read More

Boeing and CyberUp Team Up Again To Train Veterans

ST. LOUIS – A little over four years ago a group of community leaders came together and presented an idea on how we can grow the regional workforce. These leaders included organizations like the St. Louis Regional Chamber, the Leadership Council of Southwestern Illinois, and Scott Air Force Base. The base was seeking a solution to their growing skills gap and a way to overcome hiring cleared personnel.

There wasn’t an easy solution, but with the creation of CyberUp and a little bit of tenacity, collaboration, and community support we have a solution. With support from Boeing and the Scott Air Force Base Airman and Family Readiness Center, CyberUp has developed a pathway to help transitioning veterans begin a high-paying career in cybersecurity.

On October 5th, CyberUp started training 15 veterans and military spouses for our Veteran LevelUp Program. The program targeted veterans transitioning from active duty with 6 – 12 months left to their military commitment or active National Guard and Reservists. Participants received 6 months of free, virtual supported training by CyberUp. Their training will ramp up their technical and cybersecurity skills to CompTIA Security+. Upon completion of their training, veterans are eligible for apprenticeship placement services from CyberUp. Through placement at an employer partner of CyberUp, veterans will complete 2,000 hours as paid apprentices and continue their technical skills training.

To build on the success of the previous 3 cohorts, Boeing has invested in CyberUp to train 30 more veterans and military spouses in 2022. We will team up and support Scott Air Force Base who forecasted to have approximately 4,000 service members transition in 2022. This is the first step to attracting and training veterans in cybersecurity to stay in the St. Louis region. Veterans are highly sought after by local companies because of their commitment to mission and core values. “We have a tremendous amount of talent transitioning each year from our partners at the base. The more we can do to incentivize them to stay in our region will help fill our growing skills gap. I would like to personally grow this program to account for a minimum of 10% of the veterans transitioning each year. When we do this right, we can help other military communities through apprenticeship and training. The opportunities for both the veteran and the region,” Tony Bryan, Executive Director at CyberUp explains.

To learn more about the Veteran LevelUp Program, please visit CyberUp’s website at www.wecyberup.org/levelup-veterans. Information about the program, how to apply, and additional upcoming class details can be found there.

ABOUT CYBERUP:

CyberUp is a 501c3 nonprofit with a mission is to cultivate the cybersecurity talent pipeline for today and tomorrow. They accomplish this through their nationally recognized LevelUp: Apprenticeship Program and their youth-focused PowerUp Cyber Games. To learn more, visit wecyberup.org, or contact Tony Bryan at tony@wecyberup.org or 314-764-5419.

ABOUT THE BOEING COMPANY:

Through purposeful investments, employee engagement, and thoughtful advocacy efforts, Boeing and its employees support innovative partnerships and programs that align with the company’s strategic objectives, create value and help build better communities worldwide. Boeing’s efforts are focused on improving access to globally competitive learning, contributing to workforce and skills development, and supporting our military and veteran communities. Chicago-based Boeing is the world’s largest aerospace company and leading manufacturer of commercial jetliners and defense, space, and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in more than 150 countries.

Read More

Are we actually making a difference in cybersecurity workforce?

I just returned from the 2022 NICE Conference in Atlanta, GA. It was amazing to meet up with colleagues we have worked with for the past 6 years face-to-face. It was also energizing to connect with new people who are all working to help “Demystifying Cybersecurity,” the theme of the conference. Over the course of 3-days, we convened on topics like degrees, apprenticeships, DEI, frameworks, pedagogy, curriculum, dashboards, and much more. I heard a ton of buzzwords and approaches but there was one particular talk that stood out to me.

On day 2 during the lunch keynote, we all had the pleasure of hearing from Paul Bingham from Western Governors University. Being fully transparent, they were a main sponsor of the event so I expected to hear just how great they are and all the ways they are educating and filling the “skills gap.” For the record, I am a big fan of their program and we did get some of that, but he took it in a very different direction than I expected.

He shared multiple headlines from I believe an NSF publication. Maybe I should’ve taken better notes but not the point today. What those headlines represented were articles written 10, 7, and 5 years ago about the challenges we are and will face in the realm of cybersecurity. He talked about advancements in technology, diversity and inclusion efforts, and much more. The bottom line, all of those stories are 100% still accurate and true today. In many aspects, like the talent pool, we are actually worse.

They announced the updated numbers for the Cyberseek website on day 1 of the conference. The new total that will be shown a million times by all of us increased to 714,548 job postings. This represents a 43% increase in the 12-month period compared to only 18% across the entire employment market. The other statistic that startled me was the number of employed cybersecurity workforce. The number is now 1,091,575 which represents an increase from the last update of about 40,000 workers. This indicates that the number of role growth was around 3X the number of employed workers. In essence, we are still losing the talent battle.

We have added more degrees, boot camps, apprenticeships, certifications, and automation yet we are still losing. Interest in the field has never been higher and pathways into them continue to grow. We continue to throw money and solutions at it but we are still where we were at 10-years ago as outlined in the stories shared by Mr. Bingham. What are we missing?

I firmly believe there isn’t a silver bullet solution but I am also curious to how we slow down the 3X gap in job openings and candidates we are experiencing every time the data updates. The time is now to change the narrative and our approach. We have to stop talking about solutions and delivering results. It is easy to forget each of these roles represents a missing link for our government or a company. They represent vulnerabilities, ransomware, IP loss, and most frightening of all, national security.

The point of my rant is to open up a discussion. Comment, share, argue, agree, or whatever you feel you need to do but I can confidently say that what we have done and continue to do isn’t working.

Read More

CyberUp Announces Four New Board Members

New members will enhance the board’s focus to grow the cybersecurity workforce through high-quality LevelUp Apprenticeships, and engage students through PowerUp Cyber Games.

St. LOUIS, MO– CyberUp, a national nonprofit organization today announced four new board members who will each help support the nonprofit’s work to cultivate the cybersecurity talent pipeline for today and tomorrow.

“We’re excited to expand our board with four new members who will bring diverse expertise and insight to our work,” said CyberUp Board Secretary Doug Menendez. “We have worked diligently to ensure CyberUp’s board and leadership represents a variety of experts from various industries and is a better reflection of the world we live in, and the newest board members are no exception.”

The four new board members are:

  • Renita Rhodes, Principal Auditor – Information Security, Wells Fargo
  • Suda Suvarna, Deputy Chief Information Officer/Managing Director, Deloitte
  • Eddie Williams, Strategy, Governance and Management, PwC
  • Chris Hogan, Vice President, Corporate Security Architecture and Engineering, MasterCard

To learn more about the CyberUp board and read member bios, click here.

                                                            # # #

CyberUp is a 501c3 created to cultivate the cybersecurity talent pipeline for today and tomorrow. CyberUp launched in February 2016 as a regional effort to expand the availability of cybersecurity talent but aspires to reach a national audience. In a short time, the organization and the organization’s leadership has grown to be a nationally recognized team that has the solution to shrinking the forecasted 2.5 million job openings by 2022. CyberUp develops the cybersecurity talent pipeline both short and long-term. Our short-term solution of apprenticeship develops and prepares a skilled workforce for companies to hire. Our long-term approach connects youth with a gamified, virtual cybersecurity competition to gain cybersecurity skills and piques their interest in pursuing STEM-related careers. https://www.wecyberup.org

Read More

Five years in the Making

CyberUp recently celebrated its five-year anniversary and I can’t help but think back on how action-packed these last five-years have been. Take a walk down memory lane with me if you will as I reminisce on my last four and a half years with CyberUp through the lens of our core values.

Tenacious

As with any young organization, you can’t make it to the five-year mark without being tenacious. Five years ago, we had a group of thought leaders come together to identify a solution to a critical need of growing the cybersecurity talent in our region. CyberUp was born as the Midwest Cyber Center of Excellence. We rebranded in 2019 to CyberUp to better represent our mission and the geographical reach of our programs.

We’ve spent the last five-years fine-tuning how we were going to develop and grow the cybersecurity talent pipeline. Our mission has remained the same the whole time, but the “how” has been an ongoing work of love. In 2017, we were approached by the Department of Labor to create a cybersecurity-related registered apprenticeship. It sounded like a great idea, but honestly, we weren’t quite sure what we were getting into.  Over the last three years, we’re continually asking for feedback from companies, industry professionals, and even our candidates on how we can make our apprenticeship program better. We’ve continued to educate companies about how apprenticeships work and how our apprenticeship program can solve their workforce storage. We’ve made a commitment to cultivating the cybersecurity talent pipeline and we’re not going to let anything stand in our way from accomplishing that mission.

Veracious

We are probably more truthful about where we’ve come from and where we’re going than people expect. We’ve been extremely honest about our growing pains with the apprenticeship program or even our youth program during any of the collaborative working groups we’re apart of. We’re more than honest letting our peers know what’s worked and what hasn’t worked. It’s great being the first cybersecurity apprenticeship program in our region, but that notoriety also comes with growing pains we get to work through.

We’ve had some tough conversations of tough love with some of our candidates polishing up their workforce readiness skills because no one had the courage to provide the candidate feedback before. This tough love was never mean-spirited, but it helped them develop them and land their next job.

We’re probably most honest with ourselves. After each event we complete an after-action report to go over what did and didn’t work so we’ll know how to make the event or program better the next time we do it. It’s never anything personal. Being this honest with ourselves has kept up nimble and able to quickly adjust to the challenges we face like a global pandemic for example. We’re not afraid to try something to see if that’s going to connect with our audience better.

Hungry

When we say hungry we don’t mean physical hunger as in pass the snacky-poos so my tummy stops growing. We mean that we’re not going to give up. We’re going to keep brainstorming, researching, asking questions, finding mentors, and working together to develop the cybersecurity talent pipeline. We will continue to root for our candidates who have so much potential but aren’t given the opportunity to prove themselves because they don’t happen to have a college diploma. We’re hungry to provide the best training and take time developing relationships with companies to hire our apprentices. We’re also hungry to continue to work with our youth partners to develop a fun, gamification way for middle and high school students to learn cybersecurity.

Adaptive

Being adaptive honestly feels like my 2020 motto. Adapt and overcome. CyberUp and the rest of the world went into 2020 very optimistic. Although we’ve still done a great job hitting our goals, it wasn’t how we envisioned it would happen at the beginning of the year. We started off the year with a Military Spouse IT Fundamentals in-person class, but a couple of weeks in had to completely convert the class 100% online. Our instructor and students quickly adapted to the new class, but it provided an opportunity to quickly pivot to run the class in a new environment that’s now scalable nationwide. We also started our PowerUp: Cyber Games pilot at the beginning of the year, but once the world shut down, it helped us realize the importance of us making sure we made our cybersecurity challenges able to be completed on a Chromebook. It made us extremely aware of the potential barriers some students might face if they don’t have access to Wi-Fi or a Chromebook. The pandemic made us adapt to our new reality and learn how to quickly engage candidates and students remotely. It helped push us to create our own resources and content for our candidates and students to explore on their own time.

Collaborative

This is one that comes naturally for us. We truly want to see the region and nation do better. We want to see the people who have been laid off transition into cybersecurity. We want to help the military veteran transitioning out of the military transition into a booming career field. We want to see youth explore cybersecurity now so they know all their options to get into the career field to make a difference and potentially change their trajectory in life. Because we genuinely want to lift everyone up and help secure our nation, we value all our partnerships and collaborative working groups that help us achieve these goals.

Although the road has been challenging, we’ve still been able to celebrate our success and the impact we’ve made so far. I look forward to what the next five years are going to look like for CyberUp and how much more of an impact we’ll be able to make.

Read More