Filling the cybersecurity workforce gap is education’s responsibility

Commentary: With the huge demand for cybersecurity professionals, it’s the job of universities and high schools to step up, says Eileen Belastock.

To fill the massive demand for cybersecurity talent, secondary and higher education should focus their attention on developing cybersecurity courses that are rooted in IT operations and applications.

With 300,000 open cybersecurity positions in the United States and 4 million open cybersecurity positions globally, many technology experts are calling for a forward-thinking approach to the country’s workforce challenges. Among them are Casey O’Brien, executive director of the National CyberWatch Center, a network of schools and businesses advocating for cybersecurity education, and Jim Kowatch, CEO of Infosec Learning, a company that sells a platform for teaching cybersecurity skills.

On a recent webinar hosted by, O’Brien and Kowatch recommended educators provide their students a strong foundation of cybersecurity skills. With more than 600 identifiable cybersecurity concepts and given the time constraints of K-12 and higher education environments, it may be nearly impossible, they said, to thoroughly integrate all of them into a cybersecurity course. Instead, courses can include 30 critical concepts such as IT literacy, terminology, software, virtualization, hardware and system administration. Students can then build on this foundation and begin looking at more specialized roles.

As with many specialized or singleton courses, cybersecurity course instructors may feel isolated within the school community, the speakers said. However, they should be comforted to know that there are many resources available. Organizations such as the National CyberWatch Center, the Center for System Security and Information Assurance and the National Cybersecurity Training and Education Center have many resources available, including instructional materials that can be tailored to provide students with real-world learning experiences.


The NOVA Cybersecurity Lab, MediaSmart’s Cybersecurity Program, the National Integrated Cyber Education Research Center, and SANS Cyber Aces each provide resources and lesson plans that are adaptable for all age groups.

While classroom instruction is critical for any cybersecurity program, employers also want to see their future employees apply many of the terms, concepts, and methods before hitting the job market. Cybersecurity instructors should integrate outside-the-classroom experiences for students to be well-prepared for their future jobs. One of the most effective hands-on training methods can be found in competitions, which may include themes such as forensics and programming.

Virtual cybersecurity competitions such as those held by the National Cyber League challenge high school and college students to develop defensive and offensive cybersecurity plans similar to ones they would implement in the workforce. Providing makerspaces and hackerspaces within the classroom are additional opportunities for students to gain hands-on experience.

In this day and age, when education, industry, and government rely heavily on the safety and reliability of the technology, it is the responsibility of K-12 and higher education to develop cybersecurity programs that will ensure students will have the skills and experiences to fill the increasing demand for qualified cybersecurity experts.

About the presenter


Casey W. O’Brien serves as executive director and principal investigator of the National CyberWatch Center, a cybersecurity education and research consortium focused on advancing information security education and strengthening the national workforce. Casey has more than 25 years of information security and large-scale IT implementation and project management experience in challenging and cutting-edge public and private sector environments. Casey’s teaching and research interests include: practice-based education and training solutions that combine accelerated learning programs, validated assessments, instruction, practice labs, and challenging scenarios to improve information security talent management in organizations; rapid deployment of customizable and adaptive curriculum that raises learner capability maturity in foundational security concepts, tactics, techniques, and procedures; and formative credentialing solutions that increase the number of capable professionals. Casey is the technical editor of five textbooks: Ethical Hacking & Systems Defense, Linux Server Fundamentals, Information Security Fundamentals, Introduction to Scripting, and Networking Fundamentals. Casey earned a B.A. in psychology from the University of St. Thomas and an M.A. in psychology from Duquesne University.

About the host

A University of Pittsburgh graduate, James Kowatch has worked in the training, virtualization, and curriculum development business for 16 years. Initially, with Pearson Education, Jim managed training, education, and solutions development for the northeast United States. After that, he founded Infosec Learning to develop a better and more scalable way to deliver computer, cyber, and information security training. Jim currently lives in Baltimore, Maryland, and manages the day-to-day operations of Infosec Learning and the 180 organizations that it serves.

Join the community

Technology in Schools is a free professional learning community on where district administrators, school leaders, and all educators can share ideas, examples, and resources that relate to integrating technology effectively in schools.


The edWeb webinar referenced above, sponsored by Infosec Learning, can be found here.

Latest Podcasts