With at least a half-million cybersecurity positions unfilled in the United States, Federal experts and educators said closing the gap on the shortage of cybersecurity professionals begins with cyber education efforts, particularly at the K-12 level.
At the “Expanding the Nation’s Cybersecurity Workforce: A National Imperative” forum hosted by the National Academy of Public Administration (NAPA) and the Florida Center for Cybersecurity on April 5, National Cyber Director Chris Inglis, stressed that “our cyber education efforts need to” address everyone, not just those in the cybersecurity industry.
“If we get that right, then we’ll be in a place where we can create resilience in our people, and ultimately, resilience in our doctrine so that we can put ourselves in a position where if you’re a transgressor in this space, you have to get past all of us,” Inglis said. “You have to beat all of us to beat one of us.”
To get those cyber education efforts “right,” as Inglis said, the focus should turn to accreditation bodies, “the way that we think about higher education,” and K-12 education, according to Diana Burley, the vice provost for research from American University and a leading cyber workforce educator.
“There is a base level of competence that we all need to have,” Burley said. “Until we as a higher education enterprise, an education enterprise, a society, get beyond this notion that only some institutions need to have this and that this really is a fundamental skill set that all of our students need to have in order to function as effective members of society, before we start to compartmentalize into different career fields – we’re always going to be playing catch up.”
Burley went on to explain that cybersecurity should no longer be considered an “extracurricular” area at K-12 schools.
“We don’t put English in the after-school program. We don’t tell you to come learn algebra on Saturday, because it’s to the side,” Burley said.
“We have got to get to a place where we are able to get this curricular content into our K-12 schools so that in fifth period, you’re going to your cyber class just like you would be going to your English class or your math class or what have you,” she added. “Until we do that, we are going to be playing catch up and we’re not going to have this as the mainstream foundation for those who are at the tip of the spear and those who are in general society.”
Charles Romine, the director of the Information Technology Laboratory at the National Institute of Standards and Technology (NIST), agreed with Burley and emphasized the “important need of understanding the totality of the need for cybersecurity education.”
“We need cybersecurity education as part of a well-rounded education in general,” Romine said. “Imagine, wouldn’t it be fantastic if students already had a grounding on the basics of cybersecurity when they graduated high school? The same way they have in English, math, and other areas of science?”
