CISOs across the globe are struggling to fill vacancies in their cybersecurity teams, which has only exacerbated the challenges presented by increasingly sophisticated cyberthreats and an expanding digital attack surface. Between the recent shift to telework, continued digital innovation, and other recent technology trends, CISOs are finding it more urgent than ever to address this cybersecurity skills gap. There are a number of reasons contributing to the lack of security professionals, but part of the challenge is that organizations, schools, and vendors are not doing enough to address the underlying problems. Cybersecurity professionals require a level of expertise beyond the usual networking and programming skills other sectors require. As a result, it is estimated that there are currently over 5 million unfilled cybersecurity positions.
One of the biggest challenges is that there are few resources available to prepare individuals for the rigors of a cybersecurity career. As a result, individuals ranging from university students to computer engineers to veterans transitioning back into civilian life tend to follow other career paths. This lack of support limits the pool of potential candidates available to fill critical positions within IT teams. The resulting skills gap makes hiring trained cybersecurity professionals a significant challenge for CISOs, adding to a growing list of concerns around ensuring end-to-end security and business continuity.
One group that is often overlooked is veterans. In the US alone, about 200,000 service members transition to civilian life each year, according to DOD. Many of these veterans may struggle to find civilian employment, often because they do not know how their military training could apply to a civilian job. However, their military experience—experience that often includes working with high-tech tools—has developed things like situational awareness, an understanding of chain of command, and the ability to work under immense pressure that complement the skills needed for a career in cybersecurity.
Recognizing that veterans are an untapped resource when hiring cybersecurity professionals for both technical and nontechnical roles, organizations like Fortinet have worked to develop and champion robust veterans programs designed to helps military veterans make the transition into the cybersecurity industry. By providing candidates with hands-on training, mentoring, professional networking opportunities, and direct connections to an ecosystem of partner employers, programs like these can support veterans and better enable CISOs to secure their digital attack surface.
Matt Koscielniak, an 8 year-veteran of the US Coast Guard and Veterans Program graduate, is an example of the caliber of candidate that organizations need. The following interview spotlights the trajectory that led him to a role as a SOC Analyst.
I served in the United States Coast Guard for 8 years. During my time, I was exposed to various experiences, including standing operations and search and rescue watch. Operations watch was probably the most stressful thing I had ever done, but it enhanced my skills as a first responder, my capabilities as a leader, and my ability to work under pressure. It truly taught me what it means to serve and helped develop skills that I use day-to-day in my current role.
I currently work as a Security Operations Center Analyst. I conduct event monitoring for my firm’s networks and resolve incidents appropriately. This includes reviewing suspicious network activity, potential social engineering and phishing campaigns, as well as analyzing file hashes.
My friend in the Coast Guard was working in cybersecurity at the time and he suggested I look into the program. He highlighted that it was a good experience for helping veterans stand out to employers, as well as provided connections to their ecosystem of hiring partners. I decided to apply, and after some interviews and connecting with Fortinet, I got into the program. I am grateful I was accepted into the Veterans program as it helped leverage my military experience to become a SOC analyst.
The program helps provide cybersecurity fundamentals and advanced skills as well as essential networking knowledge. Whether one has experience in cybersecurity or not, the program is effective in getting veterans connected with the required skills and the companies that seek those skills.
The benefit of hiring veterans is that they possess the right mindset: teamwork, leadership, service, getting the job done no matter what, and so much more. What makes veterans beneficial in the cybersecurity field is that they already have an operations-oriented mindset. That mindset is very much applicable, and needed, adding value to any cybersecurity team.
As a leader in cybersecurity, Fortinet delivers excellence in their program and that is reflected in the training they provide and the connections they help veterans forge. Companies will benefit from hiring a veteran who has gone through the program because they can rest assured they can apply their critical cybersecurity skills to their role alongside their existing military experiences.
CISOs struggling to fill open cybersecurity positions within their organization need to look outside their usual candidate pool. That can start by looking at the thousands of veterans looking to transition into civilian life every year. That can include building your own mentoring program or partnering with organizations like Fortinet to ensure that veterans get the essential training and networking resources they need for a successful career in cybersecurity.
Find out more about Fortinet’s NSE Training Institute programs, including the Certification Program, Security Academy Program and Veterans Program, which provide critical cybersecurity training and education to help solve the cyber skills gap and prepare the cybersecurity workforce of tomorrow.