The latest Global Information Security Workforce Study paints a grim picture, predicting that in five years, the number of unfilled cybersecurity jobs will raise to 1.8 million worldwide. The main reason? A “lack of qualified personnel” who can fill the role and a lack of universities providing cybersecurity education.
And while the industry ponders how best to entice and recruit top talent, there will be little talent to recruit unless young professionals are leaving the university system with an engineering degree that includes education around cybersecurity, or better yet, a degree with a concentration in cybersecurity. The later is nearly impossible to find. And trust us, we tried.
Last year we conducted a survey of cybersecurity education in the United States, surveying the top 121 computer science programs from universities across the US. We were looking to see whether these universities required or even offered cybersecurity courses for their computer science, computer engineering, and computer information systems degree programs. Most universities received and “F” or “D” letter grade from us, meaning they did not require courses in cybersecurity, and in some cases, didn’t even offer a single cybersecurity course.
This year we followed up with some of these schools, looking to see how their rankings may have changed.
We chose to follow up with 32 of the original 121 universities, based on the current top 25 schools for computer engineering and computer science, along with a few others that were highlighted in our previous infographic.
This year we saw some improvement, but it was slight. The infographic below highlights the aforementioned schools with their corresponding letter grade. As you can see, much more is needed to be done in order to truly prepare graduates for a career in cybersecurity, an industry with demand that exceeds the number of qualified workers it needs.
Ideally universities will help change this. They’ll begin to demand that students be aware of cybersecurity practices, encourage them to employ due diligence, and support research into better compliance and automation practices. Until then the industry will work to train employees at DevOps speed for a job that often feels like wading through quicksand.