Cyber attacks are on the rise, but the talent pool of skilled cybersecurity defenders is not keeping pace. In Canada alone, demand for cybersecurity professionals is growing by seven percent annually with an estimated 8000 new workers needed by 2022. ISA is partnering with The University of Guelph to remedy this professional shortfall.
The numbers in Canada, and globally, are alarming.
Annually, ESG conducts a global survey of IT professionals to identify problematic shortages of skills that their organizations face. Every year, the cybersecurity skills deficit takes the top spot. In addition to that, the percentage of organizations that reported a cybersecurity skills shortage continues to rise, from 2015-2016’s 42% to 53% in the 2018-2019 survey.
Cybersecurity Ventures predicts that there will be up to 3.5 million job openings in the field of cybersecurity by 2021. The truth is that every IT position is also a cybersecurity position. Every technology worker is involved with defending and fortifying apps, data, devices, infrastructure, and people. With this truth factored in, the cybersecurity workforce shortage is far more vast than what the numbers show. The unemployment rate in cybersecurity was zero percent in 2016, and it’s expected to remain at zero through 2021. “The field of cybersecurity is the least populated of any field of technology,” according to John McAfee. “There are two job openings for every qualified candidate.” While those numbers don’t make for a very cyber-secure technological future, they do bode well for college and university students who are looking to enter the cybersecurity workforce.
The vice-president of policy and government relations with the Information Technology Association of Canada (ITAC), André Leduc, puts it like this, “The genie is not going back in the bottle for cybersecurity, and Canada is in a good place in terms of our cyber-talent and cyber-industry. We can continue to be a strong international player on this, but investments need to be made, both in the private and public sector.” In other words, we’re in good shape now, but the deficit in the Canadian cybersecurity talent pool cannot be permitted to grow.
Investing in the Future
The ITAC is making investments in the future of Canadian cybersecurity. ITAC announced in February that it secured a three-year grant from Employment and Social Development Canada to “create a useful framework for students, hiring managers and Statistics Canada’s labour market needs forecast.” The executive director of ITAC’s talent and business technical forum, Gina van Dalen said, “We will be developing industry-validated national occupational standards and a competency framework, [and] a certification and accreditation regime to address skill shortages.” Van Dalen went on to say that “The goal is to accelerate learning, skills development and career development.” The online portion of the framework should be in place by mid-2020 and is based on the U.S. National Initiative for Cybersecurity Education (NICE) framework but customized for Canadian needs.
Leduc sees the importance of private and public partnerships to improve educational models at the post-secondary level and create a larger pool of cybersecurity talent in the future. By enhancing the ICT post-secondary education system, Canadian technology and cybersecurity industries will be able to pull from a larger, more diverse incoming workforce.
ISA is Investing in the Future of Cybersecurity
Bryan Pollitt, vice-president of professional services at ISA, says that even ISA has its struggles in finding qualified workers. Pollitt also stated that across the cybersecurity industry he sees under-qualified people filling middle and senior roles, due to real experts transitioning from permanent jobs to project-based consulting because of the vast demand for their expertise and skill set. In Pollitt’s words, “It’s been a challenge over the course of the last 10 or 15 years, but much more pronounced in the last few years. This is not a new phenomenon, but it’s one that’s not going away, and it seems to be getting worse.”
The team at ISA believe, like Leduc, that it is going to take public-private partnerships to address the skills shortage. We also think that properly educating the workforce of tomorrow in cybersecurity and threat intelligence, and making those educational opportunities more accessible, is of the utmost importance.
As a company, we’ve put our money, and our expertise, where our proverbial mouth is. Contributing to the education of the future cybersecurity talent pool, and creating scholarships to make cybersecurity education more accessible, have both become corporate priorities.
The University of Guelph Master of Cybersecurity and Threat Intelligence Program
The University of Guelph has officially launched the Master of Cybersecurity and Threat Intelligence program. The program is headed by Dr. Ali Dehghantanha, who, previously, served as a Senior Lecturer in Security of Advanced Systems Group in the University of Sheffield – United Kingdom. The Master of Cybersecurity and Threat Intelligence program is an exceptional program that focuses on the Canadian cybersecurity landscape and provides a “deep focus on developing students’ technical understanding of security threats and solutions.” The program draws graduates of math, computer science, and physics programs, as well as working professionals who are interested in software security, intrusion detection and cryptography.
ISA is proud to sponsor, amongst other contributors and alongside two of our partners (McAfee Canada and Cisco Systems), The Master of Cybersecurity and Threat Intelligence program through the University of Guelph. The program is both distinctive and desperately needed in the digital economy. As Kevin Dawson, CEO of ISA states, “The cybersecurity talent gap is huge. We are constantly recruiting, constantly looking. We are looking at recruiting through schools, and already have across Canada, and internationally. I can very strongly tell you that this program is unique in its offering globally in terms of what it’s going to offer to students.”
McAfee CEO, Christopher D. Young, said concerning the University of Guelph program, “We’re approaching a cybersecurity talent shortage of 2 million people worldwide in the next 3 to 5 years. Every cybersecurity provider can contribute, and when we’re joined by respected education institutions like the University of Guelph, our combined effort makes the world safer.” The funds contributed have “supported the creation of a new cybersecurity teaching lab and the University of Guelph Security Operations Centre, which enable rich experiential learning activities that set this program apart from similar programs in Canada.” At the program launch event, Dr. Mary Wells, Dean of the College of Engineering and Physical Sciences, said in her speech, “I will be personally maintaining the diversity that represents the Canadian population and gender diversity within the program.” To further this mandate, ISA is pleased to be able to provide the Information Systems Architects Inc. (ISA) MCTI Entrance Scholarship. Two ISA MCTI Entrance Scholarships of $5,000 each are available to students registered in the Master of Cybersecurity and Threat Intelligence program. One scholarship award is to go to a female student and one to a male student. The scholarship’s gender stipulation promotes another ISA initiative, to encourage and support women who work in, and who are entering, the cybersecurity industry. Because, along with a shortage of skilled professionals, there is also a shortage of women working in cybersecurity. At ISA, we believe that diverse perspectives strengthen our solutions and our corporate culture.
Lee Munson, Security Researcher, has hope that the future workforce of cybersecurity will grow as educational institutions begin to shift their curriculum focus. He predicts that “While the lone hacker will disappear in favor of ever more organised cybercriminals, the net threat to organisations will remain neutral as the industry-wide information security skills shortage will narrow due to an improved focus within the educational establishment.”
Improved educational focus, a framework for education and career pathways, and public-private partnerships will help to build a more cyber-secure future for Canada. Kevin Dawson understands the potential of the University of Guelph’s program for the cybersecurity industry, stating, “A lot of schools have Computer Science programs, but Computer Science doesn’t prepare you for cyber – it prepares you for computers. So, we are very invested in this program and helping to promote its students.”
During his speech at the program launch, Dawson stated that ISA’s intent going forward was that, “Amongst other donations, we are hoping to do some guest lecturing for Dr. Ali and for some of his team to be involved with our cybersecurity team.” He went on to say that “We are very much looking forward to the multiple research projects with students that can both help advance cybersecurity and help our business.” The partnership between ISA and the University of Guelph is built on mutual respect and trust. “The University of Guelph is a longstanding customer of ISA’s, and we, as an organization, look to give back to our customers, and this is just one small way that we are able to,” says Dawson.
Fall program admissions are now open. For more information about the program and the scholarships, or to apply, click here.