The Solution to Cyber Workforce Shortfalls

on January 3, 2019 |

As malicious software exposures increases and skilled adversaries continue to meet with success at stealing information, qualified cybersecurity professionals remain scarce.

Regent University’s multi-tiered training pipeline is primed to fill the gap

The international shortage of qualified cybersecurity professionals continues to grow at an alarming rate. The Cybersecurity Workforce Study released by ISC2 in October reported that the cybersecurity workforce gap has increased to nearly 3 million globally, with 498,000 of those job vacancies in North America.

Further, it has been reported that 25 percent of the applicants vying for those positions are not qualified to fill them because they lack practical experience and technical skills.

“Everyone is fighting for the same resource pool,” said Stephanie Butts, executive director of Regent University’s Institute for Cybersecurity in Virginia Beach, Va., adding that executives competing for those professionals should take a hard look at their IT and cyber defense teams and ask themselves some questions. “Is our staff equipped to face the challenges that are coming down the pike? What is our staff communicating about their ability to prevent, detect and respond to cyber threats?”

While many IT professionals receive commercial certifications, research has shown that they often don’t acquire the in-depth skills needed to effectively perform a cyber-defense role.

“What we’ve seen are privileged users, the actual cyber defenders with the keys to the kingdom, who have the certifications but don’t have a total understanding of cyber-defense principles and have had very little hands-on practice,” Butts said.

While executives have increased their understanding of how cybercrime can impact business, many don’t understand the vulnerabilities that result from having an underqualified staff. In that regard, they have a false sense of security thinking that the technology they have invested in is protecting their enterprise on its own. While having the right tools is an essential component to an overall strategy, having people with the right skills to use the tools is paramount to success in protection the value chain.

“As long as things are running smoothly, many executives think that their cyber defense is solid.  This is a fallacy because in reality cyber is not typically operationalized and IT departments struggle to compete for the necessary downtime to apply patches.  As result, the practice of good cyber hygiene quickly turns into normalizing deviations opening the business up to vulnerabilities. Then they get exploited and look at each other and say, ‘What happened?’”

Regent University’s Institute for Cybersecurity is uniquely positioned to address those problems by closing the gap between classroom theory by providing practical, real-world proficiency.

The institute, home to one of the most powerful and agile cyber simulation laboratories in the region, offers a training pipeline to develop cybersecurity proficiency. The Regent Certified Cyber Practitioner (RCCP) program includes three six-day courses that transform IT professionals into strong cyber defenders by providing trainees with the hands-on experience needed to face tomorrow’s cybersecurity challenges.

At the basic level, security and networking essentials are covered with approximately 30 percent of class time involving labs integrated into the range platform as well as actual live-fire scenarios to reinforce security and networking principles.

The intermediate course offers more complex security-based principles including the Cyber First Responder (CFR) curriculum and practical labs integrated into the range platform, as well as actual range live-fire scenarios representing approximately 40 percent of class time.

In the advanced course, approximately 70 percent of class time is spent on the range working through live-fire scenarios as well as a unit on threat hunting and a capstone project on day six creating a comprehensive incident response report based on one of the more challenging scenarios.  Regent focuses on incident response reporting that is on par with an internal report produced by a Fortune 500 cyber defense team.

“Our live-fire simulation training provides the tools and capabilities commonly deployed in enterprises found across commercial and Department of Defense entities. We walk trainees through attack scenarios ripped from the headlines and conduct intrusion analysis,” Butts said. “We take it a step further by teaching them how to write a comprehensive incident response report so they have the deliverable to communicate the risk to senior leaders and executives.”

Regent’s courses are offered by a world class trainer holding the SANS GIAC Security Expert (GSE) certification, ensuring that training is delivered by recognized experts in the field.

“Our facilitators share a passion to promote and create a workforce with a solid understanding of theory and the technical skills to be smarter than the adversary and to stay ahead of the threat,” Butts said.

As an academic institution, Regent also offers associate, bachelor’s and master’s degree NSA-accredited programs in cybersecurity.

Regent University’s Institute for Cybersecurity is disrupting and transforming the Cyber Defense industry with a state-of-the-art training platform and world-class trainers. To learn more about commercial training offerings, visit regent.edu/cyber or contact the institute at 757.352.4215.

Source:  Regent University

Show Buttons
Hide Buttons