Your MSSP or MSP is growing. You have funding, resources and people dedicated to your organization’s mission. But the thought that wakes you up in the middle of the night is how to find qualified professionals to fill the open and future technology roles you will need if your business is to grow and prosper.
You know all too well that there are many more cybersecurity jobs open than there are qualified people to fill them. Frankly, theoretical cybersecurity knowledge is woefully inadequate to trust a cyber rookie at the endpoint. Like a welder, you can’t get good at the job without actually putting the skill into practice and building it up over time. Truly, cybersecurity is a hands-on science.
So, where will this educated and experienced workforce come from, if not from within? For some MSSPs and MSPs, paying the highest wages for top talent might be their only strategy. But for most it’s not a sustainable business model — and certainly not a realistic option for a start-up or organization that focuses on small and medium-sized business (SMB) clientele.
Rest assured the answers are right in front of you (and we’ve got them for you). However, putting them into practice will require some out-of-the-box thinking while making training and mentorship a core component of your operations.
Here’s the short answer:
- Grow your own talent
- Form partnerships with educational institutions and organizations that will help win the war for talent and
- Build long-term loyalty within your workforce
Become Your Own “University”
Many high schools, colleges and universities wish they could add cybersecurity programs to their curriculum. However, the cost to offer such programs, the instructor's salary included, can be more than they can manage. Of course, you know all too well that cybersecurity evolves fast, as attackers can easily defeat tools and techniques that were cutting-edge and effective just 18 months ago.
To keep pace, college instructors must continually update their curriculum, but most do not have time to do so. Consider partnering with your local community college, college or university to offer your input or provide hands-on experience to students in the program.
Consider Alternatives to Four-Year-Degree College Graduates
American Public University System (APUS) recently announced it will offer an accelerated bachelor of science degree in cybersecurity, in connection with the College in 3 Exchange.
Students can register for the three-year bachelor's degree starting in April 2024. APUS, designated as a National Center of Academic Excellence in Cybersecurity (NCAE-C) by the National Security Agency (NSA), is one of only 13 U.S.-based higher education institutions participating in the College in 3 Exchange. The Exchange is a national effort which encourages universities to reimagine the traditional four-year bachelor's curriculum.
Visit the APUS Employer Relations page to learn how your MSSP or MSP can recruit talent, participate in upcoming APUS-sponsored job fairs and connect with recruitment experts.
Take Advantage of Cybersecurity Training and Education Initiatives from Vendors
Now, put aside the belief that all the talent you need will arrive via a traditional university or that you can consistently lure it away from a competitor. The folks at Stellar Cyber will tell you just that — and have put their words into action with the launch of own cyber education initiative.
As one of many channel-focused cybersecurity vendors offering such programs, the Stellar Cyber University Program assures access to cybersecurity technology, curriculum and experts within the Stellar Cyber ecosystem.
Stellar Cyber’s program offers education in general cybersecurity and also provides specialized education in Stellar Cyber’s own platform. That way, students entering the workforce have hands-on experience with real world tools. They are also in a position to recommend these tools to future employers.
This invitation-only program is developing the next generation of cybersecurity professionals, having recently partnered with Boise State University’s Institute of Pervasive Cybersecurity. Each university is tasked with building their own content for their undergrads. Ed Vasko, director of the Institute of Pervasive Cyber at Boise State and the former owner of an MSSP, is building curriculum in partnership with Stellar Cyber. It’s up to each particular university partnering with Stellar Cyber if it wants to deliver instruction online, in-person, or both.
The Stellar Cyber University Program serves as a component of its channel model whereby students leaving the program are “channeled” to its MSSP partners.
“Our partners crave for new recruits that have hands-on experience, not just theoretical,” said Steve Garrison, Stellar Cyber vice president of marketing.
Stellar Cyber recently added a second education partner in Arizona’s Glendale Community College within its Gaucho Security Operations Center. Stellar Cyber has plans to add 10 more schools to the university program over the next year, Garrison said.
The Stellar Cyber University Program promotes the idea of students offering their cybersecurity services to underserved and more vulnerable communities. The schools in effect are providing pro bono services to local communities or government agencies in their respective states.
“This is how the state funding (of schools) kicks in and offers value back to taxpayers,” Garrison said.
Another channel-focused vendor providing cybersecurity education is Blackpoint Cyber, a specialist in managed detection and response (MDR).
Blackpoint launched its Blackpoint University in the summer of 2023, and has plans to relaunch in the first quarter of 2024. Tapping the expertise of adjunct professors and industry experts, Blackpoint University provides access to IT professionals applicable to a range of cybersecurity businesses. The content is relevant to engineers, operational team members, sales and marketing professionals, and especially owners and leaders of MSSPs and MSPs.
The curriculum, led by experts in different disciplines, is based on six training tracks: Leadership, Sales and Go-to-Market Strategy, Threat Operations, Finance, Insurance, and Compliance. Blackpoint said that its Blackpoint University graduates can help the MSSPs and MSPs they work for:
- Create a culture of excellence
- Strengthen security operations
- Master the metrics of growth
- Strategize success in a changing economy
- Leverage frameworks for a competitive edge
- Amplify the value of protection
Consider Other Security Training Resources
In addition to the training programs from Stellar Cyber, Blackpoint Cyber and other cybersecurity businesses, many nonprofit and governmental organizations are also doing their part to train and upskill people. These training programs are provided by, but are not limited to: CISA, EC-Council, SANS Institute, Coursera, CompTIA, Google, and the National Institute for Standards and Technology (NIST).
Looking for more information on cybersecurity educational programs for you, your staff, or your prospective employees? Check out our list of cybersecurity educational programs. Got something to add? Contact [email protected].
Where to Find More Educational Resources
Read MSSP Alert's companion story to learn where you can find news educational and training programs. We'll continue to add to this living document.