Just like science, cybersecurity career prep requires hand-ons labs

Theory-heavy programs are far removed from the real world of cybersecurity technology.
Lauren Lamp
Lauren Lamp

Most colleges and universities offering cybersecurity courses face tough challenges in devising programs that are attractive and relevant, that combine theory with practice, and that help graduates get jobs. In a nutshell, the problem for institutions is that their theory-heavy programs are far removed from the real world of cybersecurity technology and the ever-growing threat landscape. While some provide limited hands-on training via virtual machines, these environments lack the look and feel and actual security tools used in a typical enterprise.

As a consequence, many students graduate without work-ready skills to help them gain employment in the hyper-competitive cybersecurity market. Even the most entry-level jobs require some basic understanding of security solutions or experience doing certain tasks. To help students transition to employment, institutions need to introduce hands-on training.

3 major challenges

A lot of academic institutions do a first-rate job of educating students about cybersecurity theory but fail to provide hands-on training with tools.

The first big obstacle to introducing such training lies with the academics themselves, as some instructors feel threatened that technology will replace them. But that fear is misplaced, because a good training platform will serve as a supplement, complementing theoretical material taught by instructors. In addition, technology can benefit instructors by giving them more time to focus on course preparation, grading, and other job demands.

The second is keeping the academic programs current—both from the technology side and the threat side. The problem for most institutions is they lack the expertise and resources to build a hands-on training environment with real-word tools and the latest threat scenarios. Building a hands-on training platform for a university can be cost- and time-prohibitive.

More from UB: Ready for the fall? 10 potential policy pitfalls college leaders must address this summer

Often, full time instructors come from a corporate environment. However, the longer they have been out of the corporate trenches, the more likely they are to be out of step with new technology and threats.

Finally, many institutions want to recruit more students into their cyber programs, but have a tough time doing so, without the lure of hands-on, interactive learning. Prospective students may find the theoretical approach boring and view security certification programs as better investments, while many don’t realize how dynamic the cybersecurity field is.

Technology can fill the gaps

To overcome these challenges, colleges and universities should not reinvent the wheel. Most institutions lack the resources to create a hands-on learning environment, and even the ones with incredibly deep pockets won’t be able to keep the environment up-to-date.

A better alternative is to use a technology platform that provides hands-on expertise and that can be integrated into existing academic programs—as a complement to cyber security theory. A strong solution will also make the institution more attractive to prospective students, looking to pursue a top-notch cybersecurity degree. It is vital to choose a platform that has the capabilities to stay current with cybersecurity technology and real-world threats.

Keeping up with the fast-changing world of technology and threats requires a team of specialists, often cross-trained, who are dedicated to improving their cybersecurity platforms on a weekly basis. Gamification can also play a key role in recruiting students, while boosting their tech skills and teaching them the soft skills of communication, collaboration and delegation.

The security platform should have training capabilities that encompasses team as well as individual training, giving students experiences where they can gain knowledge by being part of a team. For example, when students participate in detecting a threat in a virtual equivalent of a real network, they learn how to identify the threat and write incident response reports—while practicing their soft skills. Those team skills and soft skills greatly boost the chances of a job candidate being selected for employment.

To meet the needs of students who want the best cybersecurity education possible, colleges and universities must provide hands-on training that incorporates the virtual experience of dealing with the latest threat scenarios. Such training is the perfect complement to theory-based programs, it increases the prestige of institutions, and, most importantly, it boosts graduates’ chances of finding employment.

Lauren Lamp is senior director of customer success & support at RangeForce.


Most Popular