Cyberspace was once a place that seemed far removed from everyday lives — an abstract world or an online realm we logged into.
Fast forward to today and the world lives in cyberspace — from light bulbs and locks in our homes to our cars and cellphones. Just as we need people to maintain the security of the physical spaces where we live, we also need humans to maintain the security of cyberspace.
While cybersecurity is critical to national security, the demand for professionals in the field exceeds the supply. Between 2013 and 2021, the number of unfilled cybersecurity jobs around the world grew 350%, according to Cybersecurity Ventures.
What are the forces in play that are preventing organizations from preparing cyber professionals to fill the gaps?
Yan Shoshitaishvili
One clear challenge is the level of expertise and training required to enter the field.
“As our society embraces the digital world more and more, we need more cybersecurity professionals. It is difficult to train them because they operate on a much deeper level than what is necessary for a software engineer,” says Yan Shoshitaishvili, assistant professor in the School of Computing and Augmented Intelligence, part of the Ira A. Fulton Schools of Engineering at Arizona State University, and acting director of the Center for Cybersecurity and Trusted Foundations.
In many ways, defending ourselves and our nation starts with education, and filling some of those gaps in the field is not only conventionally achieved by the pros.
“It is crucial that we educate our workforce, not just cybersecurity professionals, but everyone, or the ‘end user’ as we refer to them in computer science,” says Carlos Rubio-Medrano, an ASU alumnus who is now an assistant professor at Texas A&M.
The end user is often more vulnerable when cybersecurity incidents occur, and they need to be able to protect themselves and their families online.
“Let’s say there is a data leak; your information is housed by the company, and they have an incident, losing their data to hackers. There’s often nothing the end user can physically do about it,” Rubio-Medrano says. “Provide people with training — it does not need to be a lot — to help them understand and make informed security decisions.”
“The problem is that trillions of dollars flow across computers every day, as we have integrated them into every portion of our lives,” says Erik Trickel, a computer science doctoral student in SCAI, and a CTF affiliate. “Whether through ransomware, malware or hacking into servers, companies have to hire people who can also protect themselves. Although the gap continues to grow, I feel that we are taking appropriate steps to stem the tide.”
Erik Trickel
ASU continues to raise the bar of excellence higher each year and to be a great place to gain hands-on training through education that prepares students for complex fields such as cybersecurity.
Addressing effective cybersecurity education is a known challenge and one that increases in difficulty when scaled up to fit the demand for trained cybersecurity professionals.
“The faculty at ASU spent a lot of time brainstorming how cybersecurity education should be done at scale, and we came up with this model which the university now provides as an open-source service to the world,” Shoshitaishvili says.
This open-to-the-world platform is pwn.college, preparing the next generation of cybersecurity experts with the moves to thwart cyberattacks.
“Pwn.college comes at it from the hacker’s perspective,” says Jamie Winterton, director of strategy at ASU’s Global Security Initiative. “To defend networks, it’s really essential to know how people think and what they may be doing offensively to your network. It’s impossible to do without that hands-on skill. You can play better defense when you know the offense.”
Pwn.college provides a series of training modules that build on each other, equipping students with theoretical approaches on how best to handle any given situation.
“Then, it just becomes rinse and repeat, over and over again, for each of the many skills to help them grow,” Trickel says.
Jackie LeFevers
This year, U.S. News & World Report once again ranked ASU as the No. 1 school for innovation, for the eighth consecutive year.
ASU’s DNA is infused with innovation, a universitywide goal to “spark, support and manifest new ideas,” ASU President Michael M. Crow says.
“With cybersecurity at ASU, there is this idea of innovation where if you have an idea, you can spin it into reality,” says Jackie LeFevers, assistant director of the Center for Cybersecurity and Trusted Foundations.
The center is designated a National Center of Academic Excellence in cyber defense and research by a joint National Security Agency and U.S. Department of Homeland Security program.
“We are engaging and developing cybersecurity talent, and really instilling a passion for cybersecurity at the high school level,” Shoshitaishvili says. “At the undergraduate level, we have students participating in hacking conventions across the world at events such as DEF CON. We have positioned ASU as the place to go, both physically and digitally, to research, develop and learn about cybersecurity.”
The center’s partnership with the U.S. Department of Defense made possible the practice-based cybersecurity education platform that teaches the world critical security concepts. By learning these concepts, students gain a strong foundation in cybersecurity.
“We need to be able to give people basic skills and the assurance that as a university, we are working on cybersecurity challenges at the student level and beyond,” says Trickel, who is nearing completion of his degree.
“As an ASU graduate, I was educated by very talented people who taught me transferable skills needed to tackle problems, provide solutions and also to provide evidence on the effectiveness of those solutions,” Rubio-Medrano says.
Carlos Rubio-Medrano
1. Think like a hacker.
One crucial skill that bodes well in the cybersecurity field is having a hacking mindset, or being able to think about a computer system and try to find ways to break in.
“Stay up to date with developing technologies, continue to learn new things, report vulnerabilities as you come across them and most of all: think like a hacker,” Rubio-Medrano says.
2. Develop core competencies.
It is important to develop the core competencies and skills of basic programming languages and be able to demonstrate those abilities, a key requirement of a potential employer.
“You have to ask yourself: Am I interested in this position? Have I demonstrated that I am trainable? What intrinsic motivations make me hireable?” advises Trickel.
3. Become a lifelong learner.
“Cybersecurity is a constant journey of learning, ever more than computer science itself,” Shoshitaishvili says. “What you learn rapidly becomes outdated, so you have to continue learning as you will need to adapt quickly for the rest of your career as a cybersecurity professional.”
ASU has a wide variety of resources designed to increase cybersecurity awareness and expertise. Here is a sampling:
Cybersecurity Awareness Month
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally. ASU participates as a National Cybersecurity Awareness month champion.
Pwn.college
The online educational platform provides training modules to aspiring cybersecurity professionals both within and outside ASU.
ASU’s Computer Science (Cybersecurity) Bachelor of Science degree
Through SCAI, the BS program in computer science with a concentration in cybersecurity provides students with the knowledge and skills needed to build dependable and secure information systems and networks and to ensure the integrity and quality of information being stored, processed and transmitted.
Get Protected
ASU is committed to raising the bar when it comes to cybersecurity awareness. Get involved with events and campaigns this October.
The Center for Cybersecurity and Trusted Foundations is partially supported by Arizona’s Technology and Research Initiative Fund. TRIF investment has enabled hands-on training for tens of thousands of students across Arizona’s universities, thousands of scientific discoveries and patented technologies, and hundreds of new startup companies. Publicly supported through voter approval, TRIF is an essential resource for growing Arizona’s economy and providing opportunities for Arizona residents to work, learn and thrive.
Manager of Marketing and Communications, Knowledge Enterprise , Global Security Initiative
480-727-4419 Oliver.Dean@asu.edu
A podcast series on abuse at Utah’s homes for troubled teens produced by a multiple-media team of journalists and the Minnesota StarTribune’s revelations of court-aided exploitation of accident victims have taken top honors in the 16th Annual Barlett & Steele Awards for the Best in Investigative Business Journalism.The Barlett & Steele Awards are administered by the Donald W. Reynolds …
A podcast series on abuse at Utah’s homes for troubled teens produced by a multiple-media team of journalists and the Minnesota StarTribune’s revelations of court-aided exploitation of accident victims have taken top honors in the 16th Annual Barlett & Steele Awards for the Best in Investigative Business Journalism.
The Barlett & Steele Awards are administered by the Donald W. Reynolds National Center for Business Journalism at Arizona State University’s Walter Cronkite School of Journalism and Mass Communication. The awards are named for the illustrious investigative business journalist team of Don Barlett and Jim Steele, who have worked together for more than four decades, receiving two Pulitzer Prizes, two National Magazine awards and a long list of other journalism awards. 
The Barlett & Steele Awards have been given annually for the best in investigative business journalism since 2007. Download Full Image
“This year’s winners are in the finest tradition of what these awards have come to represent — great reporting, fine writing and expert data analysis,” Steele said. “The winners are a testament to the value of in-depth reporting and how it benefits the public.”
The inaugural award for Outstanding Young Journalist was claimed by Neil Bedi of ProPublica for an investigation into faulty mechanical heart pumps.
In addition to the first-ever Young Journalist award, this year marks the first time the Barlett & Steele Awards have recognized publications across two categories — Global/National and Regional/Local — to honor more of the outstanding business journalism being produced throughout the U.S.
Each category features a gold, silver and bronze award. These awards come with cash prizes of $3,000, $2,000 and $1,000 respectively. The Young Journalist award features a cash prize of $3,000.
The cold award in the Global/National category was won by a collaboration among American Public Media, Salt Lake Tribune and KUER public radio, for their investigative work into the Utah government’s lackluster oversight of facilities housing troubled teenagers, resulting in widespread abuse. Their work resulted in a seven-part podcast series titled “Sent Away.”
Rounding out the Global/National category, the silver award went to the Wall Street Journal for its investigation into federal judges’ hidden conflicts of interest. The bronze was awarded to a team of reporters from Bloomberg for their revelations about questionable practices at a telemedicine startup.
In the Regional/Local category, the StarTribune won the gold award for documenting how accident victims in several states were convinced to transfer their court-ordered compensation to other parties for a fraction of its value. In one case, the StarTribune said, a mentally impaired car accident victim sold more than half a million dollars in future payments for $12,001.
The silver award in the Regional/Local category went to a duo from the Atlanta Journal-Constitution for a series on dangerous dwellings, while a team of reporters from the Palm Beach Post and ProPublica won the bronze award for documenting harmful pollution by the sugar industry.
“This addition of more awards this year has allowed us to recognize more groundbreaking investigative business journalism in the U.S.,” said Jeffrey Timmermans, director of the Reynolds Center. “While the industry continues to face many challenges, the fact that there is so much outstanding work being done at news organizations throughout the country — from Utah to Florida — is cause for optimism.”
View more about the winners at businessjournalism.org.
The Reynolds Center will spotlight the recipients of the top prizes at an event at 6 p.m., Arizona time, on Nov. 9 in the First Amendment Forum at the Cronkite School in Downtown Phoenix. Check out the Reynolds Center event page for updates on the live event.
Communications Specialist, Center for Gender Equity in Science and Technology
989-741-3690 jculey@asu.edu
Contact us
