A new report examines the federal programs governing cybersecurity education and finds that these programs must reach more institutions to bolster security in the future.
The cybersecurity threat is real. A 2013 data breach at Target cost the company approximately $162 million. And a breach this year within the Office of Personnel Management exposed the personal data of more than 4 million current and former federal employees.
Threats like these show no signs of stopping. Unfortunately, the current cybersecurity workforce is understaffed, and the future looks even worse. The Bureau of Labor Statistics projects that by 2020, there will be 1.4 million IT job openings but only 400,000 computer science graduates with the necessary skills to fill the positions.
The future of the cyberworkforce relies on federal education programs that can equip workers to keep growing cyberthreats in check.
To that end, this month the National Academy of Public Administration released a 52-page report, "Increasing the Effectiveness of the Federal Role in Cybersecurity Education."
"A well-trained cybersecurity workforce is essential to both government and private industry. With cyber threats growing, however, the United States faces a severe shortage of properly trained and equipped cybersecurity professional," according to the report's executive summary.
The report assesses the effectiveness of two federal cybersecurity education programs offered at higher education institutions across the country: the National Centers of Academic Excellence in Information Assurance/Cyber Defense (CAE) and the CyberCorps: Scholarship for Service (SFS) programs.
The report issues four recommendations to improve the federal role in offering cybersecurity education:
Strengthen the hands-on education component in both the CAE and SFS programs.
Identify, track and use performance indicators for both the CAE and SFS programs.
Expand the SFS program to address the entire public sector (federal, state, local, tribal and territorial governments) automatically, and include qualified two-year programs regardless of their association with a four-year institution.
Emphasize to the Department of Defense senior leadership, including the secretary of defense, the importance of the CAE program for growing the federal cybersecurity workforce.