Page 281 - Cyber Defense eMagazine Annual RSA Edition for 2024
P. 281

Modernize university education

            Universities worldwide excel in laying the groundwork for cybersecurity careers. However, the game has
            changed in the industry. Cybercriminals don’t play by the rulebook and are, therefore, always one step
            ahead. University curriculums need to adapt to this.

            Cybersecurity and IT professionals are calling for change. Our research revealed that an overwhelming
            90% emphasize the need for cybersecurity and computer science graduates to be prepared with hands-
            on, practical experience before their first role.


            To address this issue, universities must adapt to modern threats with a refreshed curriculum focused on
            real-world  attack  &  defense  techniques,  tactics,  and  procedures.  Focus  on  incorporating  real-world
            scenarios, simulations, and exercises where students can apply the theory they’ve learned to practical
            problems.

            Universities aren’t alone here. They can turn to industry partnerships to adjust the curriculum to provide
            internships or work placements with cybersecurity firms or roles, guest lecturers, or case studies that
            expose students to real-world challenges.

            It’s also essential to encourage students to participate in Capture the Flag (CTF) or bug bounty programs,
            or for universities to run their own programs, where students can put their skills to the test.

            A practical curriculum isn’t a nice-to-have; it’s essential.



            Revisit recruitment processes

            A  similar  problem  is  happening  within  enterprises  and  recruitment,  where  practical  skills  are  also
            undervalued in the process.

            In  fact,  two-thirds  (64%)  of  cybersecurity  industry  professionals  say  current  recruitment  processes
            inadequately assess candidates' practical skills.

            For  starters,  businesses  and  recruitment  processes  need  to  place  more  emphasis  on  the  industry
            certifications and practical upskilling methods candidates have obtained when they are pulling together
            job  descriptions,  requirements,  and  reviewing  CVs.  For  example,  don’t  just  prioritize  university
            credentials;  look  for  candidates  who  have  experience  with  CTFs,  bug  bounty  programs,  and  online
            upskilling certificates.

            During the interview process, it's crucial that the structure focuses on practical assessment so candidates
            can showcase their expertise and mindset against real-world tactics.

            Present candidates with hypothetical scenarios and assess their problem-solving approach. Look for
            candidates who demonstrate a hacking mindset and an ability to handle high-pressure situations.

            Businesses shouldn’t just rely on recruiters and external sources. If you want the right cyber talent, you
            need to build it yourself by running internship programs and encouraging apprenticeships to nurture the
            skills of young cybersecurity and IT talent.





                                                                                                            281
   276   277   278   279   280   281   282   283   284   285   286