Cy Says Blog & Podcast

Posts about:

cybersecurity (9)

Ep 48: Pathways into Cybersecurity with Erica Wilson

Erica Wilson current VP, Global Cybersecurity and Privacy Risk Management at RGA gives us a glimpse of her career journey and then explains fundamental things she has learned along the way. For instance, the importance of building a network prior to looking for a career and how to best reposition yourself with interdisciplinary skills. Erica urges those looking to get into cyber to study the companies they wish to work for and consider peripheral roles that may set them in desired roles later.  

 

Read More

We Need to Promote Non-traditional Skill Paths to Cybersecurity

This week CyberUp had the opportunity to hang with our partners at the Security Advisor Alliance at their first in-person Converge Tour in over 2 years. Converge Tours bring local high school students together with cybersecurity professionals to explore what is cybersecurity, apply some basic concepts in a capture the flag style event, and then ask questions to each of the volunteers about how they got to where they are. Needless to say….it was inspiring. I am always in awe of a student’s interest in the subject and the amount of awareness they have about technology concepts. I know I wasn’t at that level when I was their age.

A major theme of the event is to inspire a student to see cybersecurity as a career path that is available to them. The usual stats of millions of jobs available and CRAZY HIGH salaries of course were shared as they should. Students like money and the income potential in the industry are hard to ignore. During the question/answer session with professionals, students asked a lot of questions about their roles, what they do, and funny stories, but we never really got to the “how did you get there” discussion. I would speculate most students would assume a traditional college skill path. However, that path may not be a possibility or even a desire.

I was given an opportunity to talk a bit about CyberUp’s programs by AJ Eads (host of the event). I love talking about the work we do and it’s important to me to highlight that there are non-traditional skill paths that don’t involve a college education. I firmly believe that by focusing on traditional pathways alone we will never actually “move the needle” on the talent shortage we always hear about.

Our time together was short, but I hope I left a small impression on the students and they explore options like PowerUp Cyber Games to keep their cybersecurity interest front of mind until they graduate high school. I also hope they look at alternative programs like boot camps, certification tracks, self-taught, or apprenticeships to break into a cybersecurity career. The common denominator of success in cybersecurity is obtaining a particular set of skills, building your network, and selling yourself to an employer who will give you an opportunity to shine.

We have to do a few things to grow the cybersecurity workforce:
• Promote both traditional and non-traditional pathways to students.
• Look at this with a long-term approach by engaging middle and high school students.
• Build pathways for non-traditional candidates (BIPOC, women, veterans) who are looking for careers and not just jobs.
• Widen how we prepare both youth and adults for cybersecurity careers.
• Expand the requirements and types of people companies hire.

We share stories regularly on our social channels with examples of what we believe right looks like. This is a combination of companies who adopt apprenticeship, individuals who we prepare for those apprenticeships, and the students and teachers we engage through PowerUp Cyber Games. We share those examples to inspire others to join our efforts to promote non-traditional pathways to cybersecurity careers.

It was an honor to participate in the Converge Tour with the Security Advisor Alliance and spend the day with inspiring students and industry professionals. Thank you for the opportunity!

Read More

Boeing and CyberUp Team Up Again To Train Veterans

ST. LOUIS – A little over four years ago a group of community leaders came together and presented an idea on how we can grow the regional workforce. These leaders included organizations like the St. Louis Regional Chamber, the Leadership Council of Southwestern Illinois, and Scott Air Force Base. The base was seeking a solution to their growing skills gap and a way to overcome hiring cleared personnel.

There wasn’t an easy solution, but with the creation of CyberUp and a little bit of tenacity, collaboration, and community support we have a solution. With support from Boeing and the Scott Air Force Base Airman and Family Readiness Center, CyberUp has developed a pathway to help transitioning veterans begin a high-paying career in cybersecurity.

On October 5th, CyberUp started training 15 veterans and military spouses for our Veteran LevelUp Program. The program targeted veterans transitioning from active duty with 6 – 12 months left to their military commitment or active National Guard and Reservists. Participants received 6 months of free, virtual supported training by CyberUp. Their training will ramp up their technical and cybersecurity skills to CompTIA Security+. Upon completion of their training, veterans are eligible for apprenticeship placement services from CyberUp. Through placement at an employer partner of CyberUp, veterans will complete 2,000 hours as paid apprentices and continue their technical skills training.

To build on the success of the previous 3 cohorts, Boeing has invested in CyberUp to train 30 more veterans and military spouses in 2022. We will team up and support Scott Air Force Base who forecasted to have approximately 4,000 service members transition in 2022. This is the first step to attracting and training veterans in cybersecurity to stay in the St. Louis region. Veterans are highly sought after by local companies because of their commitment to mission and core values. “We have a tremendous amount of talent transitioning each year from our partners at the base. The more we can do to incentivize them to stay in our region will help fill our growing skills gap. I would like to personally grow this program to account for a minimum of 10% of the veterans transitioning each year. When we do this right, we can help other military communities through apprenticeship and training. The opportunities for both the veteran and the region,” Tony Bryan, Executive Director at CyberUp explains.

To learn more about the Veteran LevelUp Program, please visit CyberUp’s website at www.wecyberup.org/levelup-veterans. Information about the program, how to apply, and additional upcoming class details can be found there.

ABOUT CYBERUP:

CyberUp is a 501c3 nonprofit with a mission is to cultivate the cybersecurity talent pipeline for today and tomorrow. They accomplish this through their nationally recognized LevelUp: Apprenticeship Program and their youth-focused PowerUp Cyber Games. To learn more, visit wecyberup.org, or contact Tony Bryan at tony@wecyberup.org or 314-764-5419.

ABOUT THE BOEING COMPANY:

Through purposeful investments, employee engagement, and thoughtful advocacy efforts, Boeing and its employees support innovative partnerships and programs that align with the company’s strategic objectives, create value and help build better communities worldwide. Boeing’s efforts are focused on improving access to globally competitive learning, contributing to workforce and skills development, and supporting our military and veteran communities. Chicago-based Boeing is the world’s largest aerospace company and leading manufacturer of commercial jetliners and defense, space, and security systems. A top U.S. exporter, the company supports airlines and U.S. and allied government customers in more than 150 countries.

Read More

Are we actually making a difference in cybersecurity workforce?

I just returned from the 2022 NICE Conference in Atlanta, GA. It was amazing to meet up with colleagues we have worked with for the past 6 years face-to-face. It was also energizing to connect with new people who are all working to help “Demystifying Cybersecurity,” the theme of the conference. Over the course of 3-days, we convened on topics like degrees, apprenticeships, DEI, frameworks, pedagogy, curriculum, dashboards, and much more. I heard a ton of buzzwords and approaches but there was one particular talk that stood out to me.

On day 2 during the lunch keynote, we all had the pleasure of hearing from Paul Bingham from Western Governors University. Being fully transparent, they were a main sponsor of the event so I expected to hear just how great they are and all the ways they are educating and filling the “skills gap.” For the record, I am a big fan of their program and we did get some of that, but he took it in a very different direction than I expected.

He shared multiple headlines from I believe an NSF publication. Maybe I should’ve taken better notes but not the point today. What those headlines represented were articles written 10, 7, and 5 years ago about the challenges we are and will face in the realm of cybersecurity. He talked about advancements in technology, diversity and inclusion efforts, and much more. The bottom line, all of those stories are 100% still accurate and true today. In many aspects, like the talent pool, we are actually worse.

They announced the updated numbers for the Cyberseek website on day 1 of the conference. The new total that will be shown a million times by all of us increased to 714,548 job postings. This represents a 43% increase in the 12-month period compared to only 18% across the entire employment market. The other statistic that startled me was the number of employed cybersecurity workforce. The number is now 1,091,575 which represents an increase from the last update of about 40,000 workers. This indicates that the number of role growth was around 3X the number of employed workers. In essence, we are still losing the talent battle.

We have added more degrees, boot camps, apprenticeships, certifications, and automation yet we are still losing. Interest in the field has never been higher and pathways into them continue to grow. We continue to throw money and solutions at it but we are still where we were at 10-years ago as outlined in the stories shared by Mr. Bingham. What are we missing?

I firmly believe there isn’t a silver bullet solution but I am also curious to how we slow down the 3X gap in job openings and candidates we are experiencing every time the data updates. The time is now to change the narrative and our approach. We have to stop talking about solutions and delivering results. It is easy to forget each of these roles represents a missing link for our government or a company. They represent vulnerabilities, ransomware, IP loss, and most frightening of all, national security.

The point of my rant is to open up a discussion. Comment, share, argue, agree, or whatever you feel you need to do but I can confidently say that what we have done and continue to do isn’t working.

Read More