The scholarship program and improved certifications are aimed at growing the number of skilled cyber-security experts, officials say.
Cisco Systems is throwing $10 million behind a new effort to increase the number of skilled cyber-security experts in the market.
The giant networking vendor is introducing a $10 million scholarship program, while at the same time enhancing its security certification portfolio, all with the goal of bringing more talent into the cyber-security pool and closing an expected worldwide shortage of skilled professionals that could reach 2 million by 2019.
The effort comes at a time when cyber-attacks are becoming more sophisticated and organizations are lacking the skills necessary to protect themselves. A recent report found that in a survey of the global IT professionals, more than half said that less than 25 percent of applicants for cyber-security jobs were qualified to do the work the jobs required.
"Any entity with an online presence is faced with a two-fold problem: Cyber criminals are rapidly proliferating and their tactics are evolving, but businesses don't have the skilled individuals they need to anticipate vulnerabilities and lock down security," Tejas Vashi, director of product strategy and marketing for Cisco Services, wrote in a post on the company blog. "To make matters worse, technology changes rapidly, often leaving IT professionals without the advanced skills necessary to protect their companies. Imagine what those vulnerabilities can do to undermine not only businesses, but also municipalities, military installations, government agencies, and other entities."
Organizations for several years have worried about the lack of skilled cyber-security professionals. In a survey of 476 security and business executives published late last year by the SANS Institute for DomainTools, almost 60 percent of respondents said they didn't have the skills
and resources to adequately protect themselves from a breach.
With Cisco's new Global Cybersecurity Scholarship program, the vendor will invest the $10 million over two years with the goal of growing the talent pool around the world. As part of the program, Cisco will offer training, mentoring and certification that are aligned with the position of security operations center analyst, Vashi wrote. In addition, the vendor will work with a broad array of organizations—including diversity programs, veterans groups and people in the early stages of their careers—to use this scholarship as a launching point for their employees' careers in cyber-security.
The goal is to give people the necessary skills and on-the-job capabilities to address issues of network security, officials said.
In addition, the company is launching the new Cisco Certified Network Associate (CCNA) Cyber Ops certification that assesses a person's skills in such areas as monitoring IT security systems, detecting cyber-attacks, analyzing evidence, correlating information and coordinating responses to incidents.
At the same time, the vendor is updating its existing Cisco Certified Internetwork Expert (CCIE) Security certification with updates at the expert level that assess a person's capabilities with emerging and evolving technologies, including advanced threat protection, advanced malware protection, next-generation IPS, virtualization, automation and information exchange. There also is a new assessment in such areas as network programmability, the Internet of things (IoT) and the cloud.
"For their part, companies can hire from this fresh talent pool while also electing to reskill existing IT employees, conferring significantly enhanced value on workers who already know a company's culture, infrastructure, and IT landscape," Vashi wrote.
The IoT and cloud computing are creating an environment where tens of billions of connected devices are creating 277 times more data than individuals themselves are creating, pushing into the zettabyte range, he wrote. Given then increasing connectivity between systems and the massive amounts of data they're generating, another level of trust is needed.
"We must trust the systems that manage and process the data, the people and partners who access the data, and the systems, controls, fundamental technologies, and processes that protect the data," Vashi wrote. "It's increasingly clear that the entire online industry must do its part to train workers, helping them acquire the critical skills necessary to secure the Internet of Things."