July 25, 2018 By Domenico Raguseo 2 min read

Co-authored by Prof. Danilo Caivano, Prof. Teresa Roselli and Prof. Donato Malerba.

The cybersecurity skills shortage is getting worse — a November 2017 study by the Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) confirmed this statement.

But this probably isn’t news to you — especially if you’re among the 70 percent of security professionals who claimed their organization suffers from the talent crisis. Exacerbating this problem is the fact that many top universities have been slow to catch up to the needs of corporations when it comes to cybersecurity education.

Fortunately, at least one school is working to close the gap between what the market needs and what educational systems are delivering.

Closing the Cybersecurity Skills Gap Through Education

The University of Bari Aldo Moro in southern Italy is working closely with IBM to develop a specialized curriculum to help students work toward a bachelor’s degree in cybersecurity.

Founded in 1925, this institution on the Adriatic Sea serves the 1 million-plus residents in the metropolitan area of Bari and also draws students from around the world. Under the beautiful arches of its Roman architecture, students will study application security controls and processes to orchestrate tools, such as vulnerability management and security information and event management (SIEM) tools.

They’ll learn the practices necessary to drive a security unit, such as a security operations center (SOC) or computer security incident response team (CSIRT), with a focus on prevention, detection and response.

How Simulation Exercises Teach Essential Cybersecurity Skills

With IBM’s help, the university is creating a realistic, hands-on lab environment where students are assigned specific roles, such as chief information security officer (CISO), security analyst and security administrator. Through exercises like capture the flag — where defending teams attempt to identify and isolate bad actors breaching the infrastructure — students get a taste of what they might encounter in a real-world cyberattack.

But this is a partial view: In the real world, good and bad are more nuanced, depending on roles, processes and technologies. The lab enables students to test out various roles using the same software and solutions they would find in a real SOC — taking simulation exercises to a new level.

From the Ivory Tower to the Real World

University professors Danilo Caivano, Teresa Roselli and Donato Malerba have been the driving force behind this program, acknowledging the critical role universities can play in alleviating the cybersecurity skills shortage.

The goal is not only to turn out well-informed security professionals but also to leverage the lab as a competency center for the industrial and research communities and provide cybersecurity services in partnership with private companies and public administrations.

Read more: There’s Never Been a Better Time to Consider Security Careers

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today