Infosec pros don’t have much respect for the cybersecurity or information security courses offered in colleges and universities, a new survey suggests.
Half of the respondents to a new survey done for Kaspersky said the availability of cybersecurity or information security courses in formal higher education is either poor, or very poor. This number increased to 83 per cent for professionals with two to five years of work experience.
One in two respondents doubted that their educational experience prepared them for their real-life role. Further, less than half of respondents said their college or university program offered them hands-on experience in real-life cybersecurity scenarios, and that they have since had to personally invest in additional training to keep up with the evolving threat landscape.
The survey questioned 1,012 infosec professionals in 29 countries, including the U.S., the U.K., Japan, China, and Russia. It hopes to analyze the causes of the current cybersecurity talent and skills gap.
Fifty-three per cent of respondents didn’t have post-graduate or higher degrees.
Nearly 40 per cent of respondents said their college trainers and teachers didn’t have real-life experience in the cybersecurity industry.
“The lack of teaching personnel with real-world experience in cybersecurity might be one of the biggest reasons explaining traditional education’s detachment from the industry and respondents hesitating to call their formal studies useful,” says the report.
“Of the infosec professionals with two to five years’ experience, just 19 per cent feel their formal education was extremely useful or very useful in their day-to-day work, while three-quarters of these young professionals say the theoretical knowledge they got was not useful in helping them fulfill their responsibilities. However, this trend is skewed towards mid and senior-level professionals.”
To tackle the cybersecurity skills shortage, Kaspersky suggests:
— higher education institutions upgrade their curriculums by partnering with cybersecurity vendors;
— students supplement their academic training with internships in an organization’s infosec department;
— infosec pros participate in international hacking competitions to hone their skills;
— infosec pros adopt a continuous learning attitude.