Cybersecurity is a major issue right now. However, there is a shortage of professionals who are trained to work within that area. So is the best way to deal with the shortage of cybersecurity professionals to funnel students into cybersecurity degree programs? Ira Winkler wrote a thought-provoking piece for ComputerWorld that raises the question: How valuable would cybersecurity degree programs be?
Basically his argument is that if you offer a college program that is all about cybersecurity, then you’re graduating people who won’t have the general tech background that is needed to make proactive decisions in regard to security or any technology. He says,
“The issue is to create not a handful of people who have a little extra specialized education, but to ensure that the future computer professional community, as a whole, at least has the fundamental knowledge to begin proactively securing their work products.”
It would be great if learning institutions taught a general IT curriculum first and then allowed students to have a concentration in an area like security. But, as Winkler points out, few of the textbooks used in computer science have even one chapter devoted to security. And it doesn’t look like this issue can be fixed easily because of the lengthy approval processes curriculums have to go through.
Some might make the argument that there will be a plethora of cybersecurity jobs just waiting on the cybersecurity graduate. But, as Winkler points out,
“Take a look at the NSA’s cybersecurity professional development program. It wants people with strong programming skills. But many cybersecurity undergraduate programs do not offer any programming coursework. It’s been cut out to make room for more classes in things like writing security policies.”
I wonder if colleges couldn’t offer a post-bacc specialty that could be pursued after a graduate gets a degree? Sort of like med school. It would mean extra time in school, but wouldn’t it be worth it?