Finding trained security professionals is one of the hardest tasks an organization faces today. Colleges and universities are doing what they can to educate the next crop of cybersecurity professionals, but though graduates may have book knowledge, few have real-world experience and know-how within an enterprise security environment. Part of the challenge is that few training and certification programs are focused on real-world issues and technologies. Academic approaches have their value, but they often lack serious practical application in a live SOC or production environment.
Some applicants will have several certifications, but they are almost junior-level team members who lack the practical experience and self-assurance to hold their own while managing a live environment, especially during an active attack. Even if seasoned security professionals can be located, they are in such high demand that many organizations, especially small to mid-sized companies, can’t afford them.
A challenge this significant requires innovation, cooperation and concerted effort from many quarters. Governments, enterprises and higher education institutions are working on separate and joint initiatives to raise up the cybersecurity workforce needed to address serious threats to industry, commerce and even critical infrastructure.
Increasingly, enterprises are addressing the issue by creating programs that demonstrate their commitment to solving the global cybersecurity skills shortage by confronting the real issue: the talent gap. The mission of such programs is to identify individuals who have the aptitude, interest and ability to succeed as cybersecurity professionals.
Programs include funding training programs and resources in schools, establishing apprenticeship and mentoring programs, enabling workers who express an interest in the cybersecurity field, and working with diversity teams to fund training and scholarships for underrepresented groups such as women and minorities.
Another challenge is bringing advanced technical training to motivated individuals with the right sort of problem-solving skills and interests. One of the great untapped resources that has been seriously underappreciated by the cybersecurity industry is the number of veterans transitioning into public life from today’s highly digital military.
Many of these individuals have had years of training in advanced computer systems while operating them under some of the most demanding and stressful environments imaginable. They have also developed a strong sense of security and defense, understand critical issues like chain of command, especially during times of active threat, and have been trained to learn how to think like the enemy—all skills that few of today’s traditional security applicants possess.
One of the ways that enterprises are helping these individuals successfully transition into careers as security professionals is to facilitate the transition of exceptional military veterans into the cybersecurity industry by providing professional networking, training in the latest networking and security technologies, and mentoring in both civilian and business expectations.
Cyber skills programs that work with vets are able to capitalize on the natural synergy between participating in national defense unit in the Armed Services and defending critical information for businesses and government agencies. In addition to skills training, these programs provide benefits such as interview coaching—even including what to wear—and resume review and revision.
These programs start, however, by introducing veterans to the possibility of a career in the cybersecurity industry, combined with the promises of assistance with securing internships or employment. Such positions may be available at an enterprise hosting the program, with one of their key partners, or with companies that belong to a cooperative of regional or vertical organizations.
It’s great news that the veteran unemployment rate continues to drop— Veterans are among the groups prospering in the job market, according to the latest report from the Bureau of Labor Statistics. However, new veterans are being transitioned back into civilian life every single day. Opportunities still abound, then, to help continue this trend through training and mentoring programs.
Military experience affords unique skills sets that serve enterprise cybersecurity well. Veterans have been trained in the arts of defensive thinking and strategic planning. Most importantly, they possess intangible traits like discipline, confidence, courage (both moral and physical), and adaptability to the changing environments, which are all good traits for a cybersecurity operator to have. Not to mention the fact that many of them already have the training, certifications and clearances required in the cybersecurity industry.
Organizations must deal with both an increasingly complex and rapidly changing threat landscape and a dearth of cybersecurity personnel. Rather than waiting for a solution to appear, proactive organizations are creating programs that add to the pool of cybersecurity know-how in general and can solve their own personnel needs in particular. This increases the speed of developing basic expertise in the field and start veterans on an in-demand career path.
As this proactive method takes hold, organizations are increasingly realizing that veterans transitioning into civilian life are a good fit. Enterprises can fill their own pipeline while contributing to the global talent pool as they develop education, training and experience-based programs. This strategy will make both public and private organizations more secure around the world as a new army of cybersecurity professionals battles advanced threats.
Learn more about Fortinet’s Network Security Expert program , Network Security Academy program, and the FortiVets program. The FortiVets program is focused on retraining for military personnel transitioning into new careers.
Read more about how Fortinet is working to address the cyberskills gap.