As cyber workforce gap widens, one California college receives distinction

Long Beach City College has been recognized as a National Center of Academic Excellence in Cyber Defense Education— now the third California community college to receive this distinction.

LBCC, which applied to the program in spring 2018, announced its new distinction in November.

The CAE-CD program, jointly sponsored by the National Security Agency and Department of Homeland Security, aims to promote academic institutions providing rigorous and current cybersecurity education to reduce vulnerability in the national information infrastructure. An NSA spokesperson told EdScoop, “the program was established to help meet the growing need for qualified cybersecurity professionals within the federal government and for the nation as a whole.”

Available for associate, bachelor’s, master’s and doctoral programs, applying institutions must meet rigorous academic requirements before being accepted into the CAE-CD program. “The real advantage to being a Center of Academic Excellence is it means that our program has been identified as teaching the things that cybersecurity professionals need going forward, and that we’re keeping things up to date,” said Garrett Whelan, department head of computer and office studies at LBCC.

After students graduate from LBCC’s program with a degree or certificate of achievement, they receive an additional certificate that indicates graduation from a CAE two-year program — a requirement for some entry-level government positions. As a result of attending a CAE-CD institution, Whelan said students will develop skills which align with NSA/DHS standards for cybersecurity and prepare them for successful careers in the field.

Started in 2013, LBCC’s cybersecurity program has grown rapidly. Whelan was put in charge with creating a cybersecurity program for the community college when he was hired almost six years ago and now, he said, LBCC has one of the largest cybersecurity programs in Southern California. Last year, more than 50 students graduated from the program with an associate degree or certificate in cybersecurity.

Whelan said that LBCC’s cybersecurity program teaches students foundational skills, like Linux, networking, and Windows administrative tools, as well as more specialized skills, like ethical hacking and cyber-forensics. Students who graduate from LBCC’s cybersecurity program are leaving with an arsenal of skills for a successful cybersecurity career, and this latest distinction, Whelan said, “is the NSA putting their stamp of approval on it.”

An ‘astronomical’ gap

Traditionally, when employers are looking for candidates to fill open positions, there is a minimum degree requirement associated with the job. The federal government’s hiring criteria for cybersecurity positions currently requires that qualified applicants have a bachelor’s degree in a related field, an NSA spokesperson said. “There is certainly a prejudice, employers want a four-year degree,” said Whelan. “It is sometimes a barrier for students who don’t have a bachelor’s,” he admitted. “But also they need the skills that our students have so they’re hiring our students anyway,” he said.

According to a recent estimate by Cybersecurity Ventures, there will be as many as 3.5 million unfilled cybersecurity jobs by 2021. However, Whelan said he would guess the number of cybersecurity professionals being produced annually to be in the low tens of thousands. “The gap is so astronomical, it’s almost laughable,” he said. “There are just nowhere near enough people who have those skill sets.”

For students without a bachelor’s degree from a 4-year university, this means they are not excluded from pursuing a lucrative career in cybersecurity. The demand for cybersecurity professionals has become dire enough that employers are beginning to reevaluate job requirements, Whelan said, and are beginning to pay more attention to the skills students can bring into the workplace, rather than the piece of paper they were handed at graduation. “The issue I have right now,” Whelan said, “is students leaving the program because they’re getting jobs and their hours change.”

Although educational institutions have begun responding to the cybersecurity demand, Whelan said, “there is a lot of work still to be done.” LBCC is a very forward-thinking institution, he said, and readily focused on cybersecurity when the demand was felt. For the most part, he said, “institutions are dinosaurs. They move very slowly. … If you want to get a program like this up and running, you need people with expertise. We are way behind our need for cybersecurity professionals in education.”

The large workforce gap, in addition to attracting students to the field, is also siphoning potential cybersecurity faculty. The reality is, Whelan said, “people with the skill sets we need are in industry and they’re making a lot of money. A lot of time it doesn’t make financial sense for them to come in and teach.” This predicament, Whelan said, “means that the teachers we do get are really good, they’re really motivated, they want to help students.” But he said the selection pool is small.

Despite all the challenges associated with cybersecurity, the industry is booming. Cybersecurity has become a critical industry as the threat of cyber-aggression looms large.  “You need cybersecurity professionals,” Whelan said, “to be evaluating the risks implementing policies, testing your defenses and you’re doing all the things that it takes to defend yourself.”