The challenge we face is to respond to increasing threats with increasing capabilities. Not just technological, but human. What if those capabilities do not exist? Or they exist in insufficient numbers? Several years ago, I spoke with an industry veteran over lunch where he shared his struggle to hire the nearly 40 experienced cybersecurity professionals needed across his organization. In the intervening years, the situation has gotten worse – even more so in the Asia/Pacific region. (ISC)2 reported there were 2.9 million open positions last year, with 2.14 million in Asia/Pacific alone. This is a global industry struggle, but one that we can address with time, investment and – most importantly – partnerships.
Not long after that lunch conversation nearly seven years ago, RSA had the opportunity to begin solving for the gap by working with Temasek Polytechnic. That partnership was the beginning of the RSA Academic Alliance Programme, which has expanded to five universities with more on the near horizon.
While primarily a cybersecurity skills development programme, it also places interns, includes a tertiary institution exchange and, offers cyber awareness for kids (Cyber Safety Kids).
To ensure continued success, RSA conducts an annual review of the curriculum to respond to rapid changes in the threat landscape. We also participate in the School Advisory Council when needed. Our current goal is to produce 10,000 cybersecurity professionals annually. Eventually, we would like to produce ten times that number out of India to meet not just Asia/Pacific shortages, but global requirements as well. Since the programme's inception, we have placed more than 95% of our students within six months of completing their education. We've found the remaining 5% have chosen to switch careers.
RSA enjoys a number of additional benefits from the programme. Not only are we training more future professionals, it reflects positively on the company's efforts in region. Our thought leadership in this space is viewed positively by customers and governments, resulting in RSA being awarded the inaugural Cybersecurity Enterprise 2018 by the Cyber Security Agency of Singapore.
Despite the successes, the programme isn't without challenges. Those of us at RSA working on this do so in addition to our 'day jobs'. Fortunately, the Government of Singapore and our parent company, Dell, recognize the value and are providing additional resources for expanding these efforts. Additionally, we host participating institutions at the annual RSA Conference in Singapore.
To further address the challenges in resourcing, the programme is designed to be replicated for emerging economies. We strongly encourage others to consider ways they, too, can increase the number of industry professionals to combat threat actors.
For me personally, and all of those involved in the Academic Alliance Programme, "success" will come when the cybersecurity skills gap is no longer the largest threat facing our industry in the Asia-Pacific region. We've been encouraged by the evolution of the programme over the past six years as we've now implemented (or will soon be introducing) it to institutions in Malaysia, the Philippines, Australia and Hong Kong. I encourage you to consider ways that you can help address the skills gap in your home country or region as it's a global issue that needs everyone's attention.
# # #
Learn more about the RSA Academic Alliance Programme in this recent blog post.