According the 2022 (ISC)² Cybersecurity Workforce Study, there is a global cybersecurity workforce gap of 3.4 million people. It’s bad news for businesses as cyber threats, phishing attacks, ransomware attacks and malware attacks continue to rise year-on-year. However, it’s good news for current and future IT professionals. There is a pertinent and timely need for trained cybersecurity experts.
In 2020, the World Economic Forum’s Future of Jobs report revealed that the number of jobs destroyed by automation and digitisation will be surpassed by the number of ‘jobs of tomorrow’ created. There is also an urgent need for ‘jobs for now’, particularly in the cybersecurity space.
According to the report:
- 84% of employers are rapidly digitalising working processes and expanding remote work
- Digital tools are being used to create a sense of community, connection and belonging among employees who work remotely
- There are many concerns and issues around cybersecurity when we consider how employee and customer data will be kept safe.
Why is Education a target for cybercrime?
Cybercrime attacks vary on the intentions of the attackers. Listed are reasons why attackers would attack the education sector.
- The Education Industry entities process and store a high volume of confidential/valuable information (a goldmine for hackers). With the huge volume of personal information collected and processed, institutions are at risk of non-compliance with emerging data privacy laws and regulations. In terms of POPIA (Protection of Personal Information Act), schools and universities have the same risks and obligations as corporates and a responsibility to ensure that staff admin, parent and scholar data is all secure and free of risk with mail protection.
- Financial gain is another motivation for hackers to launch an attack on an educational institution. While public schools may not be as vulnerable, private institutions like Universities/Colleges, which handle a massive amount of student fees, are a major target for hackers. It is common for students or parents to pay fees online, typically sending a large amount of money to cover a whole term or year of tuition. Without sufficient protection or preparedness on the side of the educational sector, this creates a vulnerability for hackers to exploit.
- Interfaces with many industries and is seen as a launchpad to other lucrative entities
- Limited cyber budgets to protect against large-scale attacks, for instance, Banks, NSFAs, research institutions etc.
- Scarcity of cybersecurity skills. Most institutions do not have dedicated teams for cyber security.
- Overly bureaucratic processes make it very difficult for institutions to keep up with the pace of digital evolution.
- Perceived lack of security. Most institutions use legacy/outstanding systems and infrastructure.
- Huge reliance on third parties and contractors. Supply chain attacks are rising (the vendors like Microsoft, Kaseya, Solarwinds etc. have been targeted by cyber-attacks)
- Lack of coordinated and structured response to cyber risks across government departments.
- Lack of cyber awareness among students and education staff
- Hacktivists target the Education Industry if they don’t like its policies. In addition, they can reach a wide audience with their messages.
- Overzealous students who want to experiment with IT systems – hacking for fun. Students hacking systems to manipulate exam results or access examination questions before the exam.
Why are these learning journeys so important? Finding the right cybersecurity course depends on experience, interests, and personality. At the core, all cybersecurity professionals are focused on protecting online data from being compromised. But within different roles, the responsibilities can vary. For example, entry level roles include systems administrators, network engineers, network administrators, and security administrators. However, intermediate level positions include cybersecurity analysts, penetration testers, security technicians, and IT auditors, while expert level jobs focus more on cybersecurity managers, cybersecurity engineers, and chief information security officers.
How Torque IT can help
To help IT professionals in their journey to becoming cybersecurity experts, Torque IT has specifically designed learning journeys to support positions from entry-level through to expert level. There has never been a better time for professionals to increase their cybersecurity skills.
