Have you ever spent four years working hard to earn a cybersecurity or computer science degree, only to find out that entry-level positions require more than two years of experience? It can be incredibly frustrating and disheartening to have all the right certifications but never hear back after submitting your resume multiple times because you lack hands-on experience.
This is the harsh reality that graduates entering today’s job market are facing.
On the flip side, hiring managers in security operations centers (SOCs) are struggling to find qualified, experienced professionals. They are inundated with poorly generated resumes from LLM chatbots, making it difficult to identify truly skilled candidates.
The issue here isn’t a lack of talent. In fact, between 2022 and 2023, the number of Computer and Information Sciences and Support Services graduates increased by 4.99%. The problem lies in the shortage of experienced professionals to meet the growing demand, exacerbated by the rise of AI technology.
Understanding the Gap in the Workforce
Having a certain level of expertise has always been a prerequisite for entering the cybersecurity field. However, the automation of entry-level security analyst roles with AI has raised the bar, creating a mismatch between the expectations for new cybersecurity professionals and the reality of their skills.
Employers now seek candidates who can demonstrate advanced critical thinking skills, proficiency in AI, an understanding of threat actor behavior, the ability to create AI-driven detections, and the capacity to enhance cyber defenses in real-time. They also expect candidates to have the certifications typically required for more senior roles.
Unfortunately, many new professionals lack the necessary skills to meet these expectations. A study by the National Skills Coalition revealed that over a third of the workforce lacks the foundational digital skills required for today’s job market, skills that are in high demand for 92% of the 43 million job postings analyzed.
The Importance of Modernizing Cybersecurity Education
At the heart of the cybersecurity skills gap is the urgent need to update traditional cybersecurity curricula. Higher education institutions have traditionally struggled to keep up with the latest industry trends and innovations, a challenge that is particularly evident in the fast-paced cybersecurity sector.
Technology, security strategies, and the nature of cyberattacks are constantly evolving. Learning about cyber threats from two decades ago won’t prepare students to address the sophisticated attacks orchestrated by adversarial AI today. This underscores the importance of aligning cyber education with industry demands.
While employers can offer training programs to bridge the skills gap, many lack the resources and time to run them effectively. One of the main obstacles is the shortage of senior engineers available to dedicate the necessary hours to train new professionals, especially in the public sector.
The solution to this challenge lies in integrating hands-on training into the classroom experience. Students need practical training to develop AI literacy, acquire practical skills, and stay abreast of the latest security innovations to make themselves attractive to future employers.
However, higher education institutions cannot address the cybersecurity skills gap in isolation. Closing the gap requires collaborative efforts between the public and private sectors, going beyond implementing tools and designing curricula to achieve the desired outcomes.
Redefining Workforce Development with Just-In-Time Training and AI
Over the past three years, my colleagues and I have been dedicated to resolving this industry-wide challenge. Our solution, initially developed in collaboration with Louisiana State University (LSU), Splunk, and AWS, involves integrating just-in-time (JIT) training into the traditional curriculum through a student-operated SOC.
Through our managed detection and response (MDR) security solution, students gain real-world incident response experience by working alongside TekStream employees in a multi-tenant SOC environment. They learn to identify threat frameworks, anticipate cyberattacks, and oversee, fine-tune, and validate AI outputs in a live setting.
With AI becoming increasingly prevalent and the need for human oversight in AI processes growing, students must be proficient in identifying and rectifying the subtle errors that AI tools can make. Our response to this industry shift is to leverage AI to enhance, rather than replace, tier-one analyst tasks, ensuring that students graduate with a strong foundation.
By operating in a multi-tenant environment, our labs enable us to leverage shared threat intelligence across the ecosystem to generate real-world events that serve as the basis for a live training environment. By toggling the AI on and off, students gain the context needed to effectively utilize these tools.
These labs also serve as research and development centers for automating incident response with AI, and they are shared across the ecosystem. For instance, at LSU, a student detected a malware attack associated with an active ransomware campaign, preventing a multi-million-dollar breach for the university.
As a commercial MDR security provider, we offer AI-driven incident response oversight, automation, and analysis, enabling students to keep pace with the demands of the industry beyond what the academic curriculum can provide. When they enter the workforce, they bring skills equivalent to those of a mid-level engineer, supported by a transcript of their work in the student-operated SOC to showcase their experience.
We have been able to measure the impact on productivity and security quality across various levels in a real-world setting over three years, with every new institution or agency added to the program further validating its success. The program continues to evolve, ensuring a 100% placement rate for students participating in our workforce development initiative.
Addressing Tomorrow’s Skills Gap Today
While AI can be valuable for monitoring logs and indicators of compromise, skilled professionals are still essential to combat the increasing sophistication of AI-driven cyberattacks. Automation alone is not the solution, and neither is a purely theoretical approach to coursework.
It is imperative for industry and academia to collaborate in enhancing education through hands-on training and integrating AI with human oversight. Failing to do so will result in ongoing talent shortages, rising costs, and a slower pace of innovation that transcends industries.
As AI continues to reshape the service economy and accelerate change, this public-private partnership model could serve as a blueprint for multiple fields. Currently, it stands as a proven strategy for addressing the cybersecurity skills gap.
Bruce Johnson is the Vice President of Solutions at TekStream, bringing over 38 years of experience in the information technology industry, with expertise in security, infrastructure architecture, software development, and portfolio management. Johnson specializes in Splunk, security solutions, cloud migration, portal development, content workflow, integration, and project management. In his role at TekStream, he focuses on implementing security and compliance solutions leveraging Splunk for clients across various industries and environments, as well as providing cloud migration and broader Splunk consulting services.
Connect with Bruce on LinkedIn or visit the TekStream website at https://www.tekstream.com.
