Embracing the Next Generation of Cybersecurity Talent
By Bruce Johnson, Senior Director
As seen on Dark Reading.
There’s an extreme shortage of cybersecurity talent in the workforce, with the National Institute of Standards and Technology (NIST) citing the existing workforce shortage at 3.4 million globally. At a time when digital security is more important than ever, this growing talent shortage poses an extreme risk to public and private entities. In fact, according to the same data from NIST, it’s expected that more than half of significant cybersecurity incidents this year will result from a lack of talent or human failure.
So, how do we address this shortage? By shoring up the programs that train the next generation of industry talent.
Student-Run SOCs: A Model for Workforce Development
The current industry talent shortage is where student-run security operations centers (SOCs) can come into play. These unique, new-to-market programs offer academic institutions an opportunity to defray the costs often associated with SOC operations, shoring up their cybersecurity systems while providing students with hands-on experience that translates into marketable skills upon graduation.
In Louisiana, a first-of-its-kind student-run SOC is leading the charge across 34 Louisiana State University (LSU) campuses, utilizing a whole-of-state approach to cybersecurity. Launched in 2023, LSU’s program recruits students from all disciplines, not just cybersecurity and IT, to work on the SOC with continuous support and training from TekStream through its MDR service, which uses Splunk’s SIEM/SOAR software deployed on AWS. The SOC provides 24/7 security coverage across 34 institutions while providing students up to 1,000 hours of frontline security experience each year. Since early 2024, students have worked on approximately 33% of all the SOC’s cybersecurity incidents.
As part of this innovative model, students are taught by industry veterans how to manage the LSU SOC using Splunk technology. Students are trained at the same level as TekStream employees on cyberattacks, analysis, network defense, policy and escalation, and real-time response tactics to actual incidents. This means they gain valuable experience in professional roles that are in high demand while completing their studies.
This not only serves as an excellent opportunity to take a lower-cost approach to training new talent, but it also provides an opportunity for LSU to train and upskill current IT staff. In the long term, this will help LSU and other private and public entities address existing labor shortages driving up labor costs in both the public and private sectors. The first three graduates of the program, Class of December 2024, have all gone on to pursue careers in cybersecurity as full-time TekStream employees.
Benefits of a Student-Run SOC
In addition to serving as an excellent resource for training and upskilling industry talent, student-run SOCs provide additional benefits. For one, student-run SOCs also offer an affordable, scalable source of on-site talent for academic institutions looking to grow or bolster their cybersecurity programs, especially if they want to take a whole-of-state approach.
Additionally, the program provides a unique and competitive educational offering for students looking for a successful cybersecurity career post-graduation. Those who partake in the program receive a transcript upon completion that helps them directly transition to the job market. This is an added boon for students looking to enter the field, as it provides a leg up during the interview and job-offer negotiation process compared with students from other universities.
Lastly, the student-run SOC at LSU acts as a scalable model that can be leveraged by other entities, both private and public, around the globe to improve our overall cybersecurity infrastructure. Other academic institutions, like the New Jersey Institute of Technology (NJIT), are already implementing similar programs across their campuses.
Improved Cybersecurity
The benefits of the student-run SOC don’t end with an upskilled workforce. Through public-private partnerships like the one between LSU, TekStream, Splunk, and AWS, LSU transitioned from a reactive to a proactive security model. That’s because, with this structure, LSU gains access to better automation, increased threat sharing and remediation using a whole-of-state approach and consistency with their architecture. At the same time, their costs are lower than a standalone approach and they’re able to leverage AI in their cybersecurity program, helping to tackle the barrier-of-entry AI has created for many new grads.
Strengthening Public-Private Collaboration for a Secure Future
According to a House Committee on Homeland Security data snapshot, cyberattacks on critical infrastructures increased 30% worldwide in 2023. The number of cyberattacks will only grow with the time we spend online and the data we create.
Securing and training the next generation of cybersecurity talent is where the future lies for successfully addressing existing talent gaps. Long-term, student-run SOCs provide an educational, scalable approach to cybersecurity resilience that will help public and private entities future-proof their cybersecurity.
The LSU student-run SOC is an excellent example of the importance of partnerships between academia, government, and private sector organizations to drive innovation and long-term workforce development. With more programs like the student-run SOC, we can expand our cybersecurity workforce and better secure our public and private entities for when, not if, cyberattacks occur.
About the Author
Bruce Johnson has over 38 years of experience in the information technology industry, including security, infrastructure architecture, software development, and management of multiple portfolios. He has experience in Splunk, security solutions, cloud migration, portal, content workflow, integration, and project management. As the Senior Director of Enterprise Security for TekStream, he works to implement security and compliance solutions leveraging Splunk for customers in a variety of environments and industries, as well as a variety of cloud migration and broader Splunk consulting solutions.