The recent slew of high-profile data breaches (like the one that afflicted Target and millions of the retailer’s customers) have highlighted the need for skilled cybersecurity workers. Unfortunately, the supply is not currently meeting demand: There are currently as many as 300,000 unfilled security jobs across the country, according to a recent report.
Four-year university programs, like the one taught at California State Polytechnic University, Pomona, aim to close this gap by offering security-focused degrees. But at least one company, security software maker Symantec, believes thousands of these jobs can be filled by people with little or no formal college education. To that end, the Mountain View, Calif.-based company is investing $2 million in a program that will find and train “underserved” young adults in cybersecurity skills. Symantec made the announcement — part of a broader effort for companies to expand training programs for young people — at the Clinton Global Initiative meeting on Tuesday.
“We are affected by the skills shortage as much as any company,” says Aled Miles, a senior vice president at Symantec. “We’re constantly on the lookout for early talent. It affects us and it affects our customers.”
To be sure, Symantec’s bid to expand the pool of skilled cybersecurity workers isn’t just an example of do-gooding. Not only is the company faced with its own shortage of skilled employees, but associating itself with such an effort is a no-brainer for branding (especially for a legacy security software maker that needs to remain relevant with a new generation of workers). According to Marian Merritt, the Symantec’s director of cyber education, plans to launch this program started about a year ago, following an exercise led by a consulting firm that helped the company figure out which “shared value” initiatives (i.e. programs that are beneficial to the public and to Symantec) it should invest in.
“The right mix of skills and training could go to somebody really coming from Ground Zero,” says Merritt.
Symantec believes that with the right training, as much as 20% of currently open positions could be filled by people without four-year college degrees. But the company is starting small, with pilot programs in New York, Baltimore and the San Francisco Bay Area. In order to find and teach students, Symantec has partnered with several non-profits, including Year Up and NPower. The hope is that the program, which lasts several months and includes a stipend for students, will attract minorities and veterans and other underserved segments of the population. At least initially, the pilot will be offered to just under 50 students. That’s a far cry from filling the 300,000 open positions, but it’s a start. Most significantly, Symantec has committed to providing an internship for every student that completes the program.
So will other security companies follow suit? It wouldn’t be surprising. Government involvement isn’t far behind either — the shortage of cybersecurity skills is a global problem. According to a recent report from security provider McAfee, the economic impact of cybercrime is estimated at $445 billion worldwide. And if the latest slew of data breaches are any indication, that’s not a number that’s likely to decrease anytime soon.