"Our mission is to put technology and design based thinking at the forefront"
Vaidyanathan R Iyer, Security Software Leader, IBM India and South Asia in conversation with Aeshwarya Tiwari shares his opinion on academic curricula, cyber-security and the critical requirements of the field...
Q. What role is IBM playing in improving industry-academia collaboration?
A. Academia and industry make up two important pillars of our economy. For several years, innovation in the education system has impacted the way businesses operate. Entrepreneurs and educational institutes are building constructive frameworks for the Millennial entering the job market.
IBM partners with academia on curriculum contents and education materials on specific Emerging Technologies to help Academia keep pace with the rapid advancements in technology. IBM is working with several government schools to train children in STEM (science, technology, engineering, and mathematics) skills at the high school level. At IBM, our mission is to put technology and design based thinking at the forefront of reshaping science teaching in schools. New technologies, ever-changing skills requirements and outdated curricula are challenging India’s higher education system in its efforts to equip graduates with job-ready skills.
Q. What is the industry report in terms of demand for skilled practitioners?
A. As cybercriminals ramp up attacks with increasingly sophisticated methods, the "white hats" need all the help they can get. According to recent estimates, there will be as many as 3.5 million unfilled positions in the industry by 2021.
There are two reasons for this. The first is that the expansion of digital marketplace has generated more jobs than the current supply of security professionals can meet. The second is a problem of scale; there is a lack of efficient methods to create skilled security practitioners at the same rate.
India is deeply affected by the huge global cyber skill shortage and is predicted to have a shortfall of 1M skilled cybersecurity professionals by 2025, according to a DSCI report. Addressing the gap, security syllabus recommendations have been made to many institutes across the country, by senior experts from IBM who are on the Board of Studies of institutes. The syllabus recommendations go beyond networks and data security to emerging areas like cloud security, security intelligence, and forensics.
Q. What do you think is missing in today’s academic learning in cyber security?
A. Cybercriminals are continuously evolving, scheming and ramping up attacks with complex distributed denial-of-service (DDoS) campaigns, malware scams and a plethora of techniques for sale on the dark web. The reality is that there are simply not enough skilled humans available to properly plan, manage, integrate, and optimize security devices, strategies, and protocols.
The industry is facing a shortage of qualified candidates with the necessary hands-on skills and product experience.
Academic institutions want to meet industry needs, but they are struggling to evolve their curriculum to keep pace with industry shifts and technological advances. There is also a shortage of qualified teachers and professors at both the university and college levels, as many are lured away to the industry by rising salaries. Students interested in pursuing the cybersecurity fields are faced with defining a career path from the myriad options and obtaining the significant education and experience required as basic cybersecurity domain knowledge is not generally taught in high schools, colleges or undergraduate colleges.
Q. What areas require immediate thrust to improve the situation?
A. Becoming an effective security professional requires more than knowing how to deploy and configure technology. It requires combining security theory with practical, hands-on experience. That is something that few certification solutions currently provide. To address this challenge,
• We need hands-on training for people currently working in IT. Interested IT personnel should be selected and trained in cybersecurity. This can include a mentoring or apprenticeship programme within an organization, funding hands-on training in an accredited educational or industrial setting, or creating a consortium of organizations willing to work together to cross-train security professionals.
• We also need to update our formal educational process and encourage more diversity among candidates. Those students that show promise should be encouraged to enter educational programmes that emphasize or specialize in cybersecurity.
Q. Could you share your unique curricula practices?
A. IBM’s course curriculum cuts across Application Security, Security Intelligence, Identity and Asset Management, Data security, Intelligence security, and Network security. The Application Security Engineer career path prepares students to scan web applications against vulnerabilities and attacks, while the Security Intelligence Engineer career path prepares students to learn to consolidate event logs from device endpoints within a network to identify threats. Both these courses have certification exams which students can take at the end of the course. All courses lay the foundation of Cybersecurity. Institutes such as Gitam University (Hyderabad), Kamaraj College of Engineering (Virudhunagar), VelTech University (Chennai), VR Sidhhartha Engineering college (Vijayawada) have adopted our offerings that providing a choice of security courses to the students.
Q. What is the approach of recruiters towards retaining talent in this field?
A. The cybersecurity professionals need continuous cross exposure, skill upgrade, and role re-drafts which helps them to keep their knowledge razor sharp and experience current. Explanation of business imperatives and participation in business objectives will help them better involved and ensure the contribution is aligned to business objectives. At IBM, we have many interesting initiatives to help employees upskill and re-skill themselves. Your Learning is the single go-to Digital Learning Marketplace that delights our learners with immediate performance support and enable them to build skills and transform careers that meet long-term business goals.