Seven universities in the St. Louis, Missouri, area have banded together to improve the quality of cybersecurity education they offer their students. By increasing the number of graduates, together they strive to meet the demand for skilled cybersecurity workers in the region.
It is estimated that there are more open jobs in cybersecurity and information security than qualified graduates, with estimates of 3.5 million open positions by 2021. According to a 2018 study by ISC, a nonprofit membership organization, 2.93 million positions were open and unfilled that year. Unless they can hire trained security staff, organizations will not have the capability to create and enforce the correct controls they need to detect or avoid expensive cyberattacks. Failure to implement strong cybersecurity protections can prove very expensive.
A March 2019 report by CNBC, which featured the ISC study, noted the average data breach cost companies $3.86 million, while large-scale breaches can cost $350 million or more. For cybersecurity job seekers, this situation bodes well. According to the U.S. Department of Labor’s Bureau of Labor Statistics, the median annual pay in 2018 for a cybersecurity analyst already exceeded $100,000.
Working Together to Close the Gap
The regional talent gap and the high stakes associated with cybersecurity motivated seven universities in the St. Louis area to band together to constructively deal with these issues. Initial discussions began in February 2017 with a small working group and focused on areas of collaboration, opportunities, and challenges. Ultimately, in December 2017, deans from the institutions agreed to establish the Gateway Higher Education Cybersecurity Consortium (GHECC), an unprecedented formal collaboration wholly focused on cybersecurity.
GHECC Member Universities
Saint Louis University
Southern Illinois University in Edwardsville
University of Missouri – St. Louis
Washington University in St. Louis
GHECC’s purpose is to establish deliberate cooperation and systematic collaboration of regional universities with an educational and research interest in cybersecurity and magnify the impact of those institutions on cybersecurity education, research, and economic development. Its mission is to:
- Facilitate communication among universities, commercial firms, government entities, and community organizations on the range of challenges and opportunities surrounding cybersecurity;
- Identify avenues for academic collaboration in the cybersecurity arena;
- Create and disseminate cybersecurity knowledge; and
- Solve pressing cybersecurity problems of interest to regional stakeholders.
As a nonprofit organization, the GHECC operates under bylaws and a governance structure to guide strategy, plans, and activities in pursuit of its mission. The GHECC accomplishes its mission through a governing board, executive committee, and several standing working groups including membership and outreach, corporate engagement, student involvement, and education and research planning. In the latter half of 2019, the GHECC will be conducting a hackathon, a career fair, and an industry talent summit.
Addressing Community Needs
The St. Louis region is home to several significant federal facilities, including Scott Air Force Base, which houses the United States Transportation Command. In addition, the National Geospatial-Intelligence Agency is constructing a $1.7 billion facility in downtown St. Louis. Both of these agencies have a significant – and growing – need for trained cybersecurity employees. GHECC is working with each of those agencies, with the expectation of continued coordination to help fill the talent gap. Additionally, the region is home to large corporate operations – including Mastercard, Edward Jones, Bayer Plant Science Division, and Centene – that have engaged the consortium to support their cybersecurity needs.
Leading cybersecurity executives say it takes years to effectively train a new hire to become proficient in the range of skills required of a cybersecurity practitioner. The consortium is working with industry leaders to help its member universities develop and improve their cybersecurity degree programs. Similarly, the consortium provides a vehicle for its members to hear from potential employers and create courses that align with the needs of corporate and government clients.
By building cybersecurity undergraduate, graduate, and Ph.D. programs with employers in mind – while also taking into account the growing academic body of knowledge – the consortium believes academia can increase the pipeline of skilled cybersecurity technicians and engineers to begin narrowing the cybersecurity skills gap.