Cybersecurity Education: Why Universities are Missing the Mark

By 2021, unfilled cybersecurity jobs worldwide will reach 3.5 million. The cybersecurity skills gap – which only continues to grow – has many conflating or interrelating causes, but at the top of the list is cybersecurity education.

A recent study revealed just how lacking cybersecurity education in US universities really is. They awarded the 121 top-ranked schools surveyed a combined grade ‘F’ and have the statistics to prove it. For instance, out of the top 50 computer science programs in the US, three require a cybersecurity course for graduation. Evidently, cybersecurity is not a priority for most universities.   

Here’s why educators are missing the mark:

Conventional education methods can’t keep pace

Traditional methods of classroom cyber learning are arguably inadequate at preparing learners for real-world demands. Whereas universities are slow to change curriculum, cyber is characterized by rapid transformation and expansion – fundamentally the two are at odds. Learners cannot be effectively taught cybersecurity in a passive classroom setting because the cyber world evolves too fast. Not only are there not enough qualified educators to keep up with demand, but new cyber threats emerge every day and curriculums cannot adapt fast enough.

Cybersecurity is best learned in real time with hands-on practice

One of the biggest drawbacks is that classroom learning is non-interactive. While passive classroom learning has the advantages of lecture notes, concrete conceptual education, and organized learning, it does not challenge the learner as much as active learning. Furthermore, quizzes and exams that measure success in university are not meant to teach, they are meant to test and can’t be equated to hands-on practice.

RELATED:  The Global Cybersecurity Skills Gap

Active learning, on the other hand, increases critical thinking skills, initiative, and better fits the needs of fluctuating learning styles. Active learning, most importantly, puts knowledge to practice. Labs and simulations are engaging and more effective for internalizing and building confidence in applied knowledge. These are all vital hard and soft skills for being successful in a cybersecurity career.  

Universities are exclusive

The assessments and grading required to get into and succeed in university is also generally irrelevant to cybersecurity. There are many potential individuals who are left out of the university school system whether it be from entry requirements or cost. Adding insult to injury, women are still highly underrepresented in cybersecurity, and that starts with university recruitment, outreach, and retention.

Lastly, cybersecurity requires continuous learning and on-the-job training. While university training remains the most popular route into the cybersecurity industry, it certainly won’t help to solve the cyber skills gap nor help fend off the growing threats cybercriminals pose. Solving the cyber skills gap is an industry-wide problem that needs a wholesome solution. Cybint’s cloud-based platform is helping to solve the cyber skills gap through gamified, role-based training that keeps learners up-to-date with new skills, technologies, and threats. Contact us to find out how simple it is to implement our learning paths in your institution or organization.

Catherine Fredette

Catherine Fredette is a student at the University of St Andrews, where she has academic research experience investigating cybersecurity and International Law. Catherine is curious and excited to learn more about the cyber world.