Co-authored by Prof. Danilo Caivano, Prof. Teresa Roselli and Prof. Donato Malerba.

The cybersecurity skills shortage is getting worse — a November 2017 study by the Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) confirmed this statement.

But this probably isn’t news to you — especially if you’re among the 70 percent of security professionals who claimed their organization suffers from the talent crisis. Exacerbating this problem is the fact that many top universities have been slow to catch up to the needs of corporations when it comes to cybersecurity education.

Fortunately, at least one school is working to close the gap between what the market needs and what educational systems are delivering.

Closing the Cybersecurity Skills Gap Through Education

The University of Bari Aldo Moro in southern Italy is working closely with IBM to develop a specialized curriculum to help students work toward a bachelor’s degree in cybersecurity.

Founded in 1925, this institution on the Adriatic Sea serves the 1 million-plus residents in the metropolitan area of Bari and also draws students from around the world. Under the beautiful arches of its Roman architecture, students will study application security controls and processes to orchestrate tools, such as vulnerability management and security information and event management (SIEM) tools.

They’ll learn the practices necessary to drive a security unit, such as a security operations center (SOC) or computer security incident response team (CSIRT), with a focus on prevention, detection and response.

How Simulation Exercises Teach Essential Cybersecurity Skills

With IBM’s help, the university is creating a realistic, hands-on lab environment where students are assigned specific roles, such as chief information security officer (CISO), security analyst and security administrator. Through exercises like capture the flag — where defending teams attempt to identify and isolate bad actors breaching the infrastructure — students get a taste of what they might encounter in a real-world cyberattack.

But this is a partial view: In the real world, good and bad are more nuanced, depending on roles, processes and technologies. The lab enables students to test out various roles using the same software and solutions they would find in a real SOC — taking simulation exercises to a new level.

From the Ivory Tower to the Real World

University professors Danilo Caivano, Teresa Roselli and Donato Malerba have been the driving force behind this program, acknowledging the critical role universities can play in alleviating the cybersecurity skills shortage.

The goal is not only to turn out well-informed security professionals but also to leverage the lab as a competency center for the industrial and research communities and provide cybersecurity services in partnership with private companies and public administrations.

Read more: There’s Never Been a Better Time to Consider Security Careers