As Cyber Attacks Diversify, Those Leading the Defense Must As Well

by Debra McLaughlinSr Mgr, Corporate Responsibility

The cyber security landscape is constantly changing. Businesses and individuals alike must be able to outmaneuver and defend themselves from ever-evolving threats. Both the people and the technology we rely upon need to mount a defense that maintains that pace and doesn’t become complacent.

For example, Symantec’s annual Internet Security Threat Report (ISTR) reports a 600 percent increase in “Internet of  Things” (IoT)-related attacks, while “the threat landscape has become more diverse, with attackers working harder to discover new avenues of attack and cover their tracks while doing so.” New mobile malware variants increased by 54 percent, and, as the crypto currency market took off, attackers recognized a new opportunity, resulting in an 8,500 percent increase in detections of “coin miners” on endpoint computers.

Adding the dramatic growth in threat types to the well-known shortage of cyber security talent and lack of diversity, means the cyber security workforce is at a crucial juncture. We don’t have enough people, we need to be increasingly vigilant about new and different vectors of threats, and we’ve got to get serious about bringing new talent into the pipeline and helping them get skilled as quickly as possible. To illustrate our diversity issue, women make up only 11 percent of the cyber security workforce^[1], and 9 percent are African American^[2]. The U.S. Research also shows that a percentage of cyber security positions could be filled by individuals without a college degree^[3].

How do we fill our talent pipeline with the diversity the industry requires while helping people enter the field more rapidly? Enter the Symantec Cyber Career Connection (Symantec C3) program. Founded by Symantec in June 2014, the intensive program addresses both the critical shortage of qualified cyber security professionals in the industry as well as the under-employment of young adults (ages 18 to 29), specifically women, people of color, and veterans. The program is intended to fill the industry’s entry-level cyber security employment gap with diverse candidates who are well-trained through an alternative pathway.

Symantec C3 is purposefully designed, applying classroom-based training that prepares students for key certifications, followed by meaningful hands-on internship experience, and support for job placement. Working with leading educational development nonprofits Year Up, NPower, and The Stride Center, this unique program addresses four steps of the cyber security workforce pipeline:

• Excite — Symantec C3 supports nonprofits and educators in raising awareness of the long-term career opportunities of cyber security.
• Recruit, Train and Certify — Symantec C3 recruits underserved populations into the field of cyber security, and offers industry-recognized training programs implemented through a network of partners.
• Prepare for Jobs — Symantec C3 places students in cyber security internships for on-the-job preparation and skill development.
• Launch Careers — Symantec C3 connects program graduates to cyber security positions through Symantec’s network of customers and partners.

Symantec C3 works with leading educational-development nonprofits such as The Stride Center (students pictured here) to address key steps in filling the cyber security talent pipeline.

To date, Symantec C3 has achieved a 79 percent graduation rate, with 65 percent of graduates hired in cyber security positions within six months of graduation. 60 percent of graduates are underrepresented minorities (African American and Hispanic) and 25 percent of graduates are female.

Symantec C3 alumnus Christopher Reynolds began developing expertise in cyber security during his military career. However, while pursuing a post-military shift to the corporate world, he quickly learned his skills were not as transferable as he thought. Christopher turned to Symantec C3 at The Stride Center to build out the skill set and experience he needed. In a recent article, he shared how the program opened his eyes to a new career path and helped him land a job with managed service provider Endsight’s helpdesk team:

“IT is a foreign language and a lot of people are afraid to jump in. The face of IT is changing. It is no longer just for white males who wear pocket protectors; it’s for all of us. African Americans who are interested in technology need to be a part of this community. Get the right education and resources to support you, and knock on the door until it opens. I’m already inside and I’ll be waiting to hold that door open for you.”

Alumna Layla Gardner underestimated her natural technical talents until she discovered the Symantec C3 program:

“I never really envisioned myself as that person who would be a technology professional. My school had honors physics, science, English classes, but no computer science. And my mother wasn’t particularly tech savvy; however, she was very supportive of my interests. I really feel that if you start with something you are interested in and dive in, you can do anything. I never thought I would have ended up where I am, but somehow I grabbed ahold of my passion and it took me somewhere I enjoy.”

Today Layla has a full-time position with a leading financial services company’s software security group, on the team that develops and reviews security code for external and internal company applications.

Symantec continues to evaluate ways to scale the program to reach more students and better prepare them through multi-stakeholder interviews, tracking progress, and establishing additional partnerships to expand the reach of this impactful program.

Additionally, the support of Symantec leadership has been key to continuing the momentum of Symantec C3. Symantec President and COO Mike Fey is an active board member for training partner NPower. Symantec employees also serve as advocates and mentors for the Symantec C3 program. 

Most importantly, the students themselves are ambassadors for others from diverse backgrounds. Christopher Reynolds, who serves on The Stride Center Alumni Council, continually reports on how Alumni of the Symantec C3 program have been role models for friends and peers.

Programs like Symantec C3 show that industry can help bridge the critical gap in cyber security roles today and in the future. If you are interested in supporting the mission of Symantec C3 by hosting interns, hiring graduates, or donating time or resources, email SymantecC3@symantec.com for more information.

^[1] Global Information Security Workforce Study: Women in Cyber Security

^[2] ISC2: Innovation Through Inclusion: The Multicultural Cyber Security Workforce (2018)

^[3] Burning Glass: Job Market Intelligence: Cyber Security Jobs, 2015