July 25, 2018 By Domenico Raguseo 2 min read

Co-authored by Prof. Danilo Caivano, Prof. Teresa Roselli and Prof. Donato Malerba.

The cybersecurity skills shortage is getting worse — a November 2017 study by the Enterprise Strategy Group (ESG) and Information Systems Security Association (ISSA) confirmed this statement.

But this probably isn’t news to you — especially if you’re among the 70 percent of security professionals who claimed their organization suffers from the talent crisis. Exacerbating this problem is the fact that many top universities have been slow to catch up to the needs of corporations when it comes to cybersecurity education.

Fortunately, at least one school is working to close the gap between what the market needs and what educational systems are delivering.

Closing the Cybersecurity Skills Gap Through Education

The University of Bari Aldo Moro in southern Italy is working closely with IBM to develop a specialized curriculum to help students work toward a bachelor’s degree in cybersecurity.

Founded in 1925, this institution on the Adriatic Sea serves the 1 million-plus residents in the metropolitan area of Bari and also draws students from around the world. Under the beautiful arches of its Roman architecture, students will study application security controls and processes to orchestrate tools, such as vulnerability management and security information and event management (SIEM) tools.

They’ll learn the practices necessary to drive a security unit, such as a security operations center (SOC) or computer security incident response team (CSIRT), with a focus on prevention, detection and response.

How Simulation Exercises Teach Essential Cybersecurity Skills

With IBM’s help, the university is creating a realistic, hands-on lab environment where students are assigned specific roles, such as chief information security officer (CISO), security analyst and security administrator. Through exercises like capture the flag — where defending teams attempt to identify and isolate bad actors breaching the infrastructure — students get a taste of what they might encounter in a real-world cyberattack.

But this is a partial view: In the real world, good and bad are more nuanced, depending on roles, processes and technologies. The lab enables students to test out various roles using the same software and solutions they would find in a real SOC — taking simulation exercises to a new level.

From the Ivory Tower to the Real World

University professors Danilo Caivano, Teresa Roselli and Donato Malerba have been the driving force behind this program, acknowledging the critical role universities can play in alleviating the cybersecurity skills shortage.

The goal is not only to turn out well-informed security professionals but also to leverage the lab as a competency center for the industrial and research communities and provide cybersecurity services in partnership with private companies and public administrations.

Read more: There’s Never Been a Better Time to Consider Security Careers

More from CISO

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Why security orchestration, automation and response (SOAR) is fundamental to a security platform

3 min read - Security teams today are facing increased challenges due to the remote and hybrid workforce expansion in the wake of COVID-19. Teams that were already struggling with too many tools and too much data are finding it even more difficult to collaborate and communicate as employees have moved to a virtual security operations center (SOC) model while addressing an increasing number of threats.  Disconnected teams accelerate the need for an open and connected platform approach to security . Adopting this type of…

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today