There’s no doubt about it. Cybersecurity incidents are rising. In 2024, the FBI reported a 9% increase in ransomware complaints targeting critical U.S. infrastructure sectors, such as healthcare, manufacturing and government facilities. The cost of these breaches is also increasing. A report from IBM found that the average cost of a data breach in 2024 totaled $4.88 M.
Despite advancements in cybersecurity prevention and detection, bad actors will always look for another way to commit cybercrimes. Beyond the immediate financial impact, cybersecurity incidents also pose a risk to company and customer data, which can ruin brand reputation and erode customer trust.
Unfortunately, the cybersecurity industry is facing a growing talent shortage. The current vacancy rate for cybersecurity positions stands at 28%, with many organizations acknowledging its impact on their ability to address escalating threats. The gap is due, in part, to high demand and a shortage of professionals in the industry. However, it’s also due to skill gaps in the existing workforce and barriers to entry for new graduates.
The industry needs a new solution for a sustainable pipeline of quality workforce talent – student-powered SOCs.
Reality Check: The Cybersecurity Workforce Crisis
Though eager to join the workforce, young talent cannot fill the existing workforce gap as it stands today. Because AI can now handle most level 1 threats, it has virtually eliminated entry-level positions, disqualifying new graduates before they can even get their foot in the door.
Yet, even with rising industry awareness about the unsustainable future of the talent pipeline, few steps have been taken to address the issue. Add in recent cuts to the federal workforce and upskilling needs for existing talent, and you have a compounding problem. One that bad actors won’t wait for the industry to figure out.
Expectation vs. Reality. The Misalignment Between Higher Education and Job Qualifications
A big hurdle in place today is the traditional model for developing new talent. University programs are designed to prepare students for success in entry-level cybersecurity jobs that are increasingly being replaced by AI.
Changing expectations for entry-level positions now mean a lack of hands-on experience is increasingly a barrier to entry for new grads. While programs are making adjustments to help support students in the shifting job environment, change takes time.
Many universities are also facing the very real challenge of lost government funding. This puts the onus on the private sector to collaborate with public institutions to rethink career pathways and create new entry points for cybersecurity talent.
A New Model: Public/Private Student-Powered SOC
One such public/private model is proving to be highly successful. Through a partnership with TekStream, Splunk and AWS, Louisiana State University (LSU) has now established two student-run SOCs.
The first SOC, launched in 2023, supports the state’s public higher education institutions across 38 campuses. Centered around a whole-of-state framework – taking the approach that what is good for one is good for all – the SOC leverages student talent during traditional business hours to handle cybersecurity incidents at levels of comfort and proficiency specific to each student involved.
Students gain experience and build their resumes in real-time under this model, graduating with the skills needed to handle level 2 cybersecurity events. The program is not restricted to computer science majors, recruiting from all disciplines.
To date, a total of nine students have graduated from the program, which also has an almost 50/50 split between male and female students. This model is also being replicated at the New Jersey Institute of Technology.
The second SOC, TigerSOC, follows the same model but supports external organizations looking for more affordable yet high-quality cybersecurity support. Cybersecurity management can be costly, and TigerSOC offers a cost-effective alternative for small-to-mid-sized organizations that doesn’t leave them exposed.
Workforce Development at Scale
Looking ahead, public/private partnerships are the future of developing and upskilling cybersecurity talent. The student-run SOC model, developed by TekStream, LSU, AWS, and Splunk, is a replicable model that more higher education institutions can leverage.
Rather than serving as a quick fix, student-powered SOCs offer a long-term strategy that is easy to deploy and scale. Companies can also take advantage of student-run SOCs like TigerSOC to gain access to quality, affordable cybersecurity talent and help develop their pipeline for internal talent
The Path Forward
The cybersecurity workforce shortage isn’t just a hiring issue. It’s a pipeline issue. Industry expectations for entry-level talent and their education need to realign to build a sustainable, experienced workforce upon graduation. As threats continue to evolve, so too must our approach to new talent training and upskilling.
Programs like the student-powered SOCs at LSU offer a glimpse into a more effective model, bridging the gap between theory and hands-on incident response experience. More coordinated efforts between public and private entities will help us build a stronger cybersecurity workforce for today and the future.
About the Author
Robert C. Jansen is Chief Executive Officer and President. Rob leads daily business operations and oversees the development and execution of the Company’s growth strategy and initiatives. Rob has been in the information technology sector for over 25 years providing leadership, consulting, and implementation services to leading Fortune 1000 clients. Working with his team of industry-leading executives, Rob oversees all TekStream practice areas and functional disciplines including sales, solution development, and client delivery.
Under Rob’s leadership, TekStream is leading the charge for a new cybersecurity workforce, leveraging student-powered SOCs and a whole-of-state approach to provide quality, co-managed cybersecurity services, stateside. The company was also named in Gartner’s® 2025 Market Guide for Co-Managed Security Monitoring Services.
Prior to founding TekStream, Rob was Vice President of Sales for Enterpulse/IdhaSoft and responsible for forging and managing the strategic alliances of the company, including Oracle, and for selling the solutions which Enterpulse/Idhasoft implemented for its clients. In addition, Rob was responsible for managing and maintaining the company’s sales forecast and serving on an executive team to manage the company’s strategic decisions for sales growth, resource investments, and operational strategy, including the profit and loss report.
Rob can be reached online at https://www.linkedin.com/in/robjan/ and at our company website https://www.tekstream.com.
