Successful cybersecurity takes an all-hands-on-deck effort

It is no secret that the cybersecurity workforce needs some support, and academia, industry and the government are working together to combat the scarcity of cybersecurity personnel.

Speakers from academia and industry gathered on Friday to talk about cybersecurity issues and needs on a web discussion hosted by Northrop Grumman and the University of Maryland, Baltimore County.

The resounding message of the web discussion—named Pulse on Building the Cyber Workforce—was that achieving successful cybersecurity is an all-hands-on-deck effort.

From academia to industry to government, and no matter a person’s background, cybersecurity has a need for every kind of person.

That means government agencies, like the National Security Agency, funding academic programs that expose students to computer science at a young age, said Dr. Freeman Hrabowski, UMBC president.

“There is an ecosystem developing here in Maryland, including teaching teachers in [grades] K-12, how to go about teaching these courses in computer science that can lead to cybersecurity,” Hrabowski said.

Lauren Mazzoli, a young cyber software engineer at Northrop Grumman, recounted her experience during college and talked about exploring computer science even despite feeling a slight intimidation toward it. Once she realized she did not have to be the “smartest person in the room,” Mazzoli said, she started to feel more comfortable, especially given that cybersecurity threats change constantly.

Mazzoli was able to supplement her cybersecurity studies with extracurricular activities. “I worked on campus at the IT department where I helped track down students that were downloading things on campus,” she said, admitting it was a mini exposure to cybersecurity.

“Software companies are driven by people. That’s the largest investment you have, that’s the largest investment you make,” said Eric Conn, cofounder and CEO of Leverege, a company that focuses on Internet of Things platforms and solutions.

But part of solving the issue of the scarce cybersecurity workforce is realizing that every person has a place in the cyber world so long as they are curious and want to learn things and work hard to achieve them, Conn said.

“We use the word ‘grit,’” Hrabowski said. “It’s about how hard you’re willing to work, to ask questions, to get involved and to get help.”

Hrabowski said that UMBC’s cybersecurity programs have not only computer scientists involved in them, but also humanities majors and other students focused on things like cybersecurity law and policy.

“Anybody can do this if you’re willing to work hard,” Hrabowski added.

Conn echoed Hrabowski, saying that, to him, the four most important factors of successful cybersecurity personnel are passion, grit, intelligence and curiosity.

However, Conn believes that one of the issues behind the slim cybersecurity workforce is that people fail to recognize the importance of cybersecurity.

“Digital is the new front line, and I don’t think the general public appreciates that because we haven’t had our ‘Pearl Harbor’ moment where, all of a sudden, GPS is denied for a day,” he said.

With fresh cybersecurity talent being in scant supply, however, companies need to be extra competitive in order to hire those new employees. Maybe the best way to do this, Hrabowski said, is to work with students before they graduate by offering them substantive internships.

“The worst thing that could happen is to bring in a young person and have them be bored,” he said, stressing the need to give interns substantive work with reasonable people who will work with their interns to help them learn.

“Students are impressed by the human experience,” he said. This, more times than not, Hrabowski added, means that internships should be paid internships. Given all of these factors, those students will want to go back to that environment, he said.

Mazzoli agreed that a company meeting her halfway was a key factor in choosing where to work. “I’m currently pursuing my master’s [degree] at UMBC in computer science, so having the flexibility to go to class during the middle of the day, having the support from the company to help pay for classes, all of that was a key factor when I looked at different companies,” she said.

Mentorships are also a great way to get younger talent involved, trained and ready to go when they join your company, Mazzoli said.

At the end of the day, the speakers agreed that cybersecurity is a pressing matter in the current world, that partnership between academia, industry and government is key, and that more attention needs to paid to cybersecurity by the general public, as every person can contribute something to the cause.