You are on page 1of 8


Network Security
A collaborative vision on network security education and
cyber-security workforce development
Need for a
bridge to bridge
Network Security
skills gap
White paper
The challenge of averting network threats and cyber attacks in order to safeguard the
availability and integrity of key information systems & assets has grown exceedingly
difficult. Juxtaposing this situation, while the sophistication of attackers and number of
such cyber threats has grown rapidly in recent years, the world has not been able to
produce capable talent with the right skills in network security and cyber threats
In the light of these studies and findings, the role of a cyber security professional has indeed
experienced a major transformation, leading to a sharp rise in the need for a larger and more
dynamic network security workforce
Its about time academia and industry comes together to demonstrate the spirit of collaborative
efforts and produce young and ambitious talent pool of information and network security
professionals, leading to creation of rewarding career opportunities for many and a capable cyber
security workforce as required by global institutions.
This becomes clearly evident from the following statements.
= A recent study from Booz Allen on the U.S. federal cyber security reveals significant skills shortage
= Identity theft complaints topped the list of US consumer complaints for the 12th year in a row,
= Identify theft costs the Canadian economy approximately $2.5 billion p.a. (-the Canadian Council
of Best Business Bureaus)
= A Digital Government Institute Cyber Security Conference held in mid 2012 in US foresees that
within the next two years about 4.5 million security professionals will be needed worldwide; the
current available pool stands at about 2.5 million only
= UK could face a significant skills shortage in IT security - UK government
= Australia announces federal assistance of $1.46 billion for cyber security
= Italian government announces fresh measures to beef up cyber security
= The Global Information Security Survey 2012 from Ernst & Young shares a wake-up call for global
businesses to recognize the strategic importance of information security
= India needs nearly half a million cyber security professionals by 2015 I Learning
The National Initiative for Cybersecurity Education (NICE), a unique and
comprehensive National Cybersecurity Initiative from US federal government
identifies a special role for academia in fortifying industry needs and students career
The following illustration provides useful insights into the way educational
institutions can make a big difference by becoming a part of collaborative missions
for promoting network security education.
For students
educate career
aspirants with industry
needs and various
opportunities to help
broaden the pool of
capable network securiy
For society
promote broader
awareness about risks in
network security and
cyber threats ; facilitate
easier understanding
into industry best
practices and other
initiaves addressing
similar concerns
For industry
cultivate a globally
competitive cyber security
workforce by imparting
pertinent learning focusing
on all key aspects of network
security and cyber threats
management; forge
collaborative partnerships
with technology, corporate
and government
organizations to identify
skills requirements I Learning
Academia as the ultimate catalyst
Growing awareness towards network security and cyber threats signifies a
huge opportunity and not only business and government establishments
but institutions in research and education too shall gain immensely from
it. In fact, against ever evolving cyber threats the need to mentor more
graduate students skilled in the concepts and technologies of network
security is turning into a significant onus of academic institutions, in order
to help defend invaluable information assets for governments and
business enterprises. Academia thus has a unique chance to emerge as
the catalyst of change with this shift.
With substantial investments and efforts being pledged in building new
cyber safeguard measures, it is going to be the right people with the right
understanding, skills, and capabilities to determine success for such
initiatives. However, both government and private sector is struggling
with inadequate supply of network security professionals to implement
various plans and secure critical information assets. On the other hand,
there is a clear absence of effectively established and well defined
ecosystem for shaping careers and education in network security. Training
and capacity building programs being offered at present in network
security, while available aplenty, suffer from poor focus and lack
collaborative vision to unify the needs of academia, students and industry.
A cohesive approach towards imparting industry focused network
security education requires academic institutions to optimize their
campus wide resources to blend knowledge, intellectual capacity, and
practical skills in an unprecedented way. This indeed calls for a partnership
with a technology partner that brings proven expertise and innovation
capability in serving cutting-edge network security capabilities to a wide
range of clientele, thereby providing industry oriented insights in
developing a suitable curriculum and teaching methodology.
Academic establishments such as
universities, colleges and other
training bodies can come to the
rescue of governments and
businesses in making available the
right kind of cyber security
By providing in-depth and industry
focused learning in network
security, academia can help
alleviate the challenge of skills gap.
Moreover, by integrating programs
in network security as a part of
their academic prospectus,
educational institutions can provide
holistic exposure to cyber security,
which shall offer enhanced
awareness into other related
concepts in information assurance,
next generation network security,
digital forensics, cryptography, risk
assessment and mitigation, disaster
recovery and management, security
regulations and compliance, and
information security management.
With this, academia can present
rewarding career avenues and
reach out to thousands of career
aspirants seeking a meaningful
program / certification capable of
assuring hands-on learning using
advanced technologies.
Frost & Sullivan estimates the number of information security professionals worldwide
in 2010 to have been approximately 2.28 million. This figure is expected to increase to
almost 4.24 million by 2015, displaying a Compound Annual Growth Rate (CAGR) of
13.2% from 2010 to 2015.
Figure indicating involvement of information security professionals in various new responsibilities
Source: A study from Frost and Sullivan I Learning
Aspirant cyber warriors yearning for the right
Professional identities such as 'Information Security Professional', 'Cyber
Security Professional' and 'Network Security Engineer' have emerged as
highly sought after prominent career avenues for the global community of
students and aspirant network security professionals.
In the rapidly evolving Information Technology industry, one of the fastest
growing sectors is network / cyber security. With the numerous cyber
threats existing today, businesses and other organizations are having a
high demand for expert talent in cyber security. Expansion in IT ecosystem
has led to emergence of several new segments such as Big Data, Cloud
Computing, Social Media and Mobile Services (apps etc).
This paradigm shift in IT and mobile ecosystem has created several new
opportunities for career aspirants in network security.
As more and more students turn to a career in cyber security, there's an
increased need to address following fundamental aspects
! Need for facilitating broad awareness into the readiness required to
pursue a fruitful career in cyber security
Even as the domain of network
security and cyber risk management
is opening up new career avenues,
career aspirants seeking rewarding
opportunities are struggling with
some fundamental issues, which
largely relate to their limited
perception of the industry needs
and career planning.
For example, many students do not
understand the difference between
a career program in network / cyber
security and a run-of-the-mill course
in hardware and networking offered
by so many network equipment
vendors. Also they lack good
understanding into key skills and
how to go about acquiring those
marketable skills. I Learning
Information security and allied
areas have drawn significant
attention over the past several
years for global businesses and
other organizations. This in a way
also demonstrates their raised
awareness into how information
security has become integral with
integrity of customer, client and
internal data.
Putting forth this understanding,
attention to network security
awareness, proactive steps and
processes are quickly becoming a
central part of the organizational
culture at the vast majority of
businesses, because concerned
decision makers such as CIOs &
CISOs realize that cyber security is
fundamental to how they conduct
business and manage their business
relationships. Yet a spate of recent
findings reveals they still face
significant challenges in acquiring
the right talent and skills for
information risk management.
! Need to clarify a huge difference between run-of-the-mill courses
offered by various network equipment vendors Vs. career programs and
certifications in network / cyber security. Many students fall prey to this
illusion and perceive course offerings from network equipment vendors
as a career in network security. Little do they realize that such courses
are built around specific proprietary technologies and lack the depth
and breadth of career programs in network security
! Need to explain how each unique career opportunity in cyber security
domain demands a specific set of skills
! Need to share adequate guidance on acquiring marketable skills and
industry recognized certifications
! Need to encourage students to adopt a 'novice-to-professional' learning
curve in order to develop thorough grasp into key concepts that include
Networking Essentials, Network Security Essentials, Unified Threat
Management, Ethical Hacking, Penetration Testing and Network
! Need to establish a simple yet a very important thought that a career in
cyber security, just like other technical disciplines is also about the
business of problem solving and connecting the dots, thereby laying
more emphasis on analytical skills and importance of developing
business centric view on information risk management
A career program that can help them see Network Security the way
industry perceives it is the need of the hour. This shall offer them insightful
understanding into different types of available jobs and corresponding
roles and responsibilities.
Information and communication technologies have emerged a key
enabler in inspiring business innovation across a wide array of all sectors
of the global economy. Be it a private business entity or a government
organization, it comes to depend heavily on internet driven technologies
to run their routine business processes. We certainly cannot imagine
infrastructure such as power grids, air transportation systems, financial
markets, banks telecommunications and public utilities to remain
functional and effective without internet enabled information backbone.
While the rise of digitally connected economy augurs well for
international trade prosperity and global competitiveness for many
nations, governments and business organizations at the same time remain
wary of potential risks arising from this paradigm for their information
networks and assets.
While security is increasingly becoming a key concern, inadequate supply
of human capital with critical skills in network security is emerging as a
high risk for various organizations, making their networks and digital
information ecosystem more vulnerable to emerging cyber threats.
Deloitte research recommends the following action points to businesses
as top priorities for cyber risk management in 2013
Industry and government remain wary I Learning
Information security and allied
areas have drawn significant
attention over the past several
years for global businesses and
other organizations. This in a way
also demonstrates their raised
awareness into how information
security has become integral with
integrity of customer, client and
internal data.
Putting forth this understanding,
attention to network security
awareness, proactive steps and
processes are quickly becoming a
central part of the organizational
culture at the vast majority of
businesses, because concerned
decision makers such as CIOs &
CISOs realize that cyber security is
fundamental to how they conduct
business and manage their business
relationships. Yet a spate of recent
findings reveals they still face
significant challenges in acquiring
the right talent and skills for
information risk management.
So many enterprises are experiencing network security skills deficit as
they are not able to find manpower equipped with desired skills. Also as
their existing security staff lacks the necessary level of security skills, they
have a hard time in adopting new emerging technologies, thereby limiting
their opportunity to innovate and venture into profitable avenues of
digital economy.
Adding more truth to this, a new 2012 trends report from IBM identifies
security as the number one barrier of adoption for mobile, cloud and
social business technologies.
Situation is no different in government sector too. A recent study by
Deloitte and the National Association of State Chief Information Officers
(US government) reveal lack of sufficient skilled staff as one among the top
CISO concerns. (see below picture)
Given the increasingly dangerous threat landscape, highly effective
network security skills are becoming mission-critical for both private
businesses and government establishments.
The network security and cyber risk management workforce is fast
becoming scarce with existing human capital also lagging behind in
keeping abreast of changing threats landscape, thus failing to meet the
demands of a global economy that heavily relies on information
The cure lies in the education system. It becomes an imperative for
academia to shoulder this onus to identify the requirements of this career
field as seen and experienced by government and private businesses. They
can achieve this by creating a collaborative approach with an organization
having proven technology expertise in network security.
Collaborating to build a bridge to bridge skills gap
Top five barriers faced in addressing cybersecurity by US government CISOs
You can mass produce antivirus software but until we can clone
cyber security professionals, the security skills shortage will
have an increasing impact on the state of cyber security. I Learning
Benefits of bringing technology leadership (vendor) enabled career
programs to varsities / academia
! Helps develop better understanding of industry and government needs
for network / cybersecurity skills so that industry and academia can
work together to meet the demand (thereby also meeting government
mandate on industry-academia collaboration)
! Helps facilitate much needed collaboration between network-security
and cyber skills workforce customers (industry, businesses, government
etc) and providers (academia, training institutions etc) so that supply
quality better meets demand expectations
! Helps keep abreast of emerging trends in network security and likely
change in the nature of workforce demand so that training programs can
be suitably enhanced to provide latest skills, new capabilities etc
! Facilitates a collaborative framework for shared research and suitable
actions in the future
The Cyberoam Network Security Academy initiative aims at partnering
colleges, universities and other independent training organizations in
developing human capital with mission-critical skills in network-security
and cyber-threats management to meet both current and future
The academy brings holistic focus on imparting industry and cyber
economy mandated network-security cyber risk mitigation skills. In doing
so, it uses research-validated industry data and key insights from real-life
security challenges being faced by today's information networks to
structure its syllabus and training methodology.
Cyberoam Network Security Academy A
collaborative endeavor to address human capital
crisis in network security
The situation is dismal because we
are not producing, from an
education standpoint, the people
with the right skills sets to just have
the primary skills needed in order to
make desired progress in network
security and cyber defenses.
Collectively develop a more inclusive learning platform to address
demand-supply gap for network-security skills by creating industry-
ready network-security workforce.
Inspire education establishments such as colleges, universities and
other similar institutions around the world to include network-
security training and certification programs as part of their
Enable systematic novice to professional learning curve;
enrollment eligibility of the course is set to only basic knowledge of
fundamental computing skills, so that competitive learning reaches
to every aspirant. The program aims at cementing students' know-
how in fundamental concepts of Networking Essentials, Network
Security Essentials, Unified Threat Management, Ethical Hacking,
Penetration Testing and Network Forensics before taking them into
other comprehensive learning areas.
The academy program is committed to
Career Program in Network Security from Cyberoam Academy
To help narrow the skills gaps, Cyberoam Academy has developed a
rigorous career program. The academic offering brings industry-focused
curriculum providing in-depth learning into various key concepts of
network security, cyber threats, risk mitigation technologies and
methods. The initiative leaves no stone unturned in imparting pertinent
learning using distinguishing features such as
1) Marketable skills in network and cyber security
2) Highest number of practical labs
3) hands-on exposure using real-world network security appliances and
4) On-demand mentoring from online 'Live-instructor'.
It also ensures that onlytrained and certified classroom instructors impart
courseware training. By enabling novice-to-professional learning curve,
it allows students to cement their understanding into key concepts in a
step-by-step manner. Upon completing the program, students can explore
the opportunity for a globally recognized certification and are provided
with a FREE exam voucher. Finally, meritorious students exhibiting
outstanding performance also have the opportunity to get placed with
Cyberoam's worldwide network of business partners. I Learning
Toll Free Numbers
USA : +1-800-686-2360 | India : 1-800-301-00013
APAC/MEA : +1-877-777-0368 | Europe : +44-808-120-3958
Copyright 1999 - 2013 Cyberoam Technologies Private Ltd. All rights reserved. Cyberoam, Cyberoam logo are
trademark of Cyberoam Technologies Pvt. Ltd.
Cyberoam assumes no responsibility for accuracy or completeness of information. Neither is this a legally
binding representation. Cyberoam has the right to change, modify, transfer or otherwise revise the publication
without notice.
Cyberoam Product Portfolio
Cyberoam is a multi-award winning
global IT security vendor that brings
in-depth experience in the domain
of network security. Having
partnered a wide range of
businesses and customers in more
than 125 countries, Cyberoam has
helped resolve a multitude of pain
points in network and cyber security
challenges. With this, it has created
admirable thought-leadership for
excellence in product innovation
and customer service, thereby
earning a patronage of some of the
world's leading brands such as LG,
Honda, Emirates, Hitachi and Tata
to name a few.